Time synchronization issues

Adam Shostack adam at homeport.org
Tue Nov 4 23:38:43 UTC 2003


On Tue, Nov 04, 2003 at 12:47:17PM -0500, Joel N. Weber II wrote:
| So, if you're trying to design a system that's secure, the real issue
| to worry about is whether there are circumstances where an attacker
| can manipulate clocks to be able to use a certificate that's invalid.
| 
| If you're really relying on the clocks being accurate, then you need
| to have documentation that says to people running onion routing
| software, ``don't configure your computer to use rdate -s
| trusted-time-server.example.com every time it boots, for any protocol
| such as rdate which is not cryptographically authenticated.''  (This

I mostly agree, but want to say if it's essential for the security of
the system, the software needs to verify it.  Nobody reads the
documentation.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume




More information about the tor-dev mailing list