Re: [homenet] write up of time without clocks
mcr> Hi, I know that we talked a lot (especially Dave Taht) about how CPE mcr> devices without RTCs could verify certificates and DNSSEC when they mcr> don't know the time, and they won't know the time until they securely mcr> find an NTP server. mcr> But, we talked about how this wasn't a totally catch-22, that we could mcr> know how it was "at least" some time based upon file timestamp, or mcr> self-certificate not-before dates, or do DNSSEC without time validation mcr> first. mcr> My question is: did this get captured into document somewhere? Stephen Farrell wrote privately to inform me about https://roughtime.googlesource.com/roughtime. So, this is a network protocol to essentially crowd-surf the correct time via signed replies of nonces. It has a way to generate enough signatures fast enough to not get DDoS on a 10G link. I'm not sure how the client trusts the RoughTime servers' certificates, or if that matters given the distributed nature of things (TOFU would work). I'm not looking for a network protocol, because the devices I care about do not (yet) have network! I'm looking for the write up a heuristic that says that if you have local information that time was once verified to be at X, that it must be at least >X. aside: Interesting in the protocol, it says: Since we require that requests be padded to 1KB to avoid becoming a DDoS amplifier, a 10Gbps network link could only deliver 1.2 million requests per second anyway. I'm been thinking that this might be the only way to deal with (UDP) DDoS with potentially forgable source addresses: insist that the sender's packet is always at least as big as the reply they want. -- Michael Richardson , Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature ___ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet
Re: [homenet] write up of time without clocks
On 31/10/16 13:36, Michael Richardson wrote: > > Hi, I know that we talked a lot (especially Dave Taht) about how CPE devices > without RTCs could verify certificates and DNSSEC when they don't know the > time, and they won't know the time until they securely find an NTP server. > > But, we talked about how this wasn't a totally catch-22, that we could > know how it was "at least" some time based upon file timestamp, or > self-certificate not-before dates, or do DNSSEC without time validation > first. > > My question is: did this get captured into document somewhere? This [1] seems relevant. I've not looked into it in detail, but I'm guessing it has to be similar to the above ideas. S. [1] https://roughtime.googlesource.com/roughtime > > > -- > Michael Richardson , Sandelman Software Works > -= IPv6 IoT consulting =- > > > > > > ___ > homenet mailing list > homenet@ietf.org > https://www.ietf.org/mailman/listinfo/homenet > smime.p7s Description: S/MIME Cryptographic Signature ___ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet
[homenet] write up of time without clocks
Hi, I know that we talked a lot (especially Dave Taht) about how CPE devices without RTCs could verify certificates and DNSSEC when they don't know the time, and they won't know the time until they securely find an NTP server. But, we talked about how this wasn't a totally catch-22, that we could know how it was "at least" some time based upon file timestamp, or self-certificate not-before dates, or do DNSSEC without time validation first. My question is: did this get captured into document somewhere? -- Michael Richardson , Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature ___ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet