hello,

I've thrown this out to the list before but received no responses,
so I'm going to do it again.

SSL encryption seems to fail if there is too much skew between the
clocks.  I've read "5 minutes", but I think that it is longer than that
(there _is_ a 5 minute timeout, but I do not think that it is related).

I can certainly see the importance of having a sync'd clock when
you're trying to encrypt communications between two important servers.
However, in the case where you have a distributed system of clients
that are talking to one single server, it would be less problematic
if 100 random Windows users didn't have to keep up with the complexity
of having to keep their clocks synchronized.

An NTP client is the most obvious solution; however, this still
requires a random Windows user to not accidentally turn it off or break
it, and requires a Windows-encrusted company to open it on their firewall
(or if the firewall is configured by an external company, they must
keep NTP open and decide not to close it one day).

To make a long story short, I am looking for a way to circumvent the
time synch dependency between the client and server.  I'm not sure if
this is possible; there is little documentation and the change is
not immediately obvious when I'm looking at the code (I expect that
it is somewhat obfuscated away in the dingy internals of setting up
a connection).  However, if anyone has _any_ suggestions or comments,
I really want to hear them.

thanks for any help,

--adam

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
