On 31/10/16 13:36, Michael Richardson wrote: > > Hi, I know that we talked a lot (especially Dave Taht) about how CPE devices > without RTCs could verify certificates and DNSSEC when they don't know the > time, and they won't know the time until they securely find an NTP server. > > But, we talked about how this wasn't a totally catch-22, that we could > know how it was "at least" some time based upon file timestamp, or > self-certificate not-before dates, or do DNSSEC without time validation > first. > > My question is: did this get captured into document somewhere?
This [1] seems relevant. I've not looked into it in detail, but I'm guessing it has to be similar to the above ideas. S. [1] https://roughtime.googlesource.com/roughtime > > > -- > Michael Richardson <[email protected]>, Sandelman Software Works > -= IPv6 IoT consulting =- > > > > > > _______________________________________________ > homenet mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/homenet >
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
