On Wed, Sep 11, 2013 at 12:06 PM, Eric Rescorla <[email protected]> wrote:
> Before we discuss mechanisms, it would be good to verify that in general
> clients and servers don't become unhappy if the timestamp is radically
> wrong. Has someone done measurements to verify that this is in fact
> the case at a broad scale?
Tor Browser has omitted this field for over five years now to no ill effect.
It would appear (assuming that I'm reading old NSS source right, which
I might not be!) that from about 2000 to 2008, Firefox was sending the
time since the process started, not the unix time, and nobody noticed
until 2007:
https://bugzilla.mozilla.org/show_bug.cgi?id=405652
So at least on the client side, there seems to be strong evidence that
sending something other than the correct time does not cause obvious
problems in the wild.
yrs,
--
Nick
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
