Re: [Tails-dev] [tor-talk] secure and simple network time (h…

Nachricht löschen

Nachricht beantworten
Autor: adrelanos
Datum:  
To: tor-talk
CC: tails-dev
Neue Treads: Re: [Tails-dev] Tails' htpdate [Was: secure and simple network time (hack)]
Betreff: Re: [Tails-dev] [tor-talk] secure and simple network time (hack)
intrigeri:
> There are a few pieces of software called htpdate, and the one Tails
> uses only connects to HTTPS servers, and delegates to wget the X.509
> certificates validation:
> https://tails.boum.org/contribute/design/Time_syncing/#index3h2


Unfortunately wget (nor any other command line downloader) doesn't
support to pin the certificate of the website.
https://lists.gnu.org/archive/html/bug-wget/2012-07/msg00007.html

So it still depend on the flawed root CA system.

(Don't take this too harsh. Although there is space for improvement I
seriously consider adding tails_htp to aos. Thanks to the distributed
trust model, I think it's currently the safest method.)

> In addition, the pal/foe/neutral pool system Tails uses gives *some*
> protection against untrustworthy sources of time information, which
> limits what one can do with only a few illegitimate X.509 certificates
> they got from a "trusted" CA:
> https://tails.boum.org/contribute/design/Time_syncing/#index4h2


If I understand correctly, you pick three random servers. One from each
pool. And then build the mediate of the three.

What's the point of asking the foe pool? (Servers which generally do not
care about privacy.)

Why doesn't tails_htp ask more than three servers for the time and build
the mediate? Like 6, 9 or 12.