On Sun, Jul 20, 2003 at 01:19:14PM -0400, Nick Tarleton wrote: > > How exactly would an SSK certify the current time? > > How else can the time sync be distributed accurately, not be able to be > screwed up by malicious reporting, and be more or less the same across all of > Freenet?
I would love to hear how we are supposed to get a signed SSK to all Freenet nodes quickly enough that its contents aren't out of date by the time it has actually hit enough people. I would also love to hear how we protect the private key for the SSK, since it could be quite dangerous in the wrong hands. > However, a prominent 'SET CLOCK CORRECTLY!' should be enough.. Maybe the local > time could be checked against NTP and a 'Warning: your clock is this far off' > displayed? The NTP idea sucks for reasons I have already outlined. Freenet isn't the only application that won't work correctly if the time is set incorrectly, why should we take this responsibility upon ourselves? If we were going to do something, something similar to the way distributed time sync algorithms operate would be best - but again, the whole thing is complete overkill - a note in the README file should be more than sufficient. Ian. -- Ian Clarke [EMAIL PROTECTED] Coordinator, The Freenet Project http://freenetproject.org/ Founder, Locutus http://locut.us/ Personal Homepage http://locut.us/ian/
pgp00000.pgp
Description: PGP signature
