Hi,
[please don't Cc me, I read the list]
It seems that this has slipped through the cracks... sorry!
ban...@openmailbox.org wrote (12 Sep 2014 01:04:41 GMT) :
The current secure timesyncing solution has some serious implications for
security
because they rely on an untrusted model using
Hi Intrigeri, a lot has happened in this space since I last posted.
The Hidden Service descriptor proposal didn't make sense so we query
Hidden services directly and extract timestamps from their HTTP headers.
At the moment in Whonix, we use reputable Onion Sites exclusively for
time syncing
On Wed 2015-06-10 15:07:17 -0400, bancfc wrote:
The Hidden Service descriptor proposal didn't make sense so we query
Hidden services directly and extract timestamps from their HTTP headers.
Which hidden service operators do you query? what counts as a
reputable Onion Site ? Do those
The current secure timesyncing solution has some serious implications
for security because they rely on an untrusted model using clearnet
servers. Even though SSL is used, the broken CA model negates its
protection and the adversary could easily MITM requests and send fake
replies or
