System time in anonymity oriented LiveCDs
intrigeri
intrigeri at boum.org
Wed Jan 5 19:56:38 UTC 2011
Hi,
Jordi Espasa Clofent wrote (03 Jan 2011 16:48:10 GMT) :
> What about this http://www.eecis.udel.edu/~mills/ntp/html/autokey.html?
After reading this page quite quickly, it seems to me this NTP autokey
feature is a way to secure exchanges between a given NTP server you
manage and some clients you provide SSL client certs with.
Although this seems to be working for authenticating the NTP server,
this also has the severe drawback (in the Live system context this
discussion arises from) of:
- forcing the Live system's authors, or someone else, to run a
dedicated NTP server
- allowing a "local" attacker (say, an ISP) to very easily
fingerprint this Live system's users based on the fact they send
NTP (+autokey) requests to this special NTP server.
Am I mistaken?
Bye,
--
intrigeri <intrigeri at boum.org>
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
| If you must label the absolute, use it's proper name: Temporary.
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-talk
mailing list