mcr> Hi, I know that we talked a lot (especially Dave Taht) about how CPE mcr> devices without RTCs could verify certificates and DNSSEC when they mcr> don't know the time, and they won't know the time until they securely mcr> find an NTP server.
mcr> But, we talked about how this wasn't a totally catch-22, that we could mcr> know how it was "at least" some time based upon file timestamp, or mcr> self-certificate not-before dates, or do DNSSEC without time validation mcr> first. mcr> My question is: did this get captured into document somewhere? Stephen Farrell <[email protected]> wrote privately to inform me about https://roughtime.googlesource.com/roughtime. So, this is a network protocol to essentially crowd-surf the correct time via signed replies of nonces. It has a way to generate enough signatures fast enough to not get DDoS on a 10G link. I'm not sure how the client trusts the RoughTime servers' certificates, or if that matters given the distributed nature of things (TOFU would work). I'm not looking for a network protocol, because the devices I care about do not (yet) have network! I'm looking for the write up a heuristic that says that if you have local information that time was once verified to be at X, that it must be at least >X. ==== aside: Interesting in the protocol, it says: Since we require that requests be padded to 1KB to avoid becoming a DDoS amplifier, a 10Gbps network link could only deliver 1.2 million requests per second anyway. I'm been thinking that this might be the only way to deal with (UDP) DDoS with potentially forgable source addresses: insist that the sender's packet is always at least as big as the reply they want. -- Michael Richardson <[email protected]>, Sandelman Software Works -= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
