On Fri, Jan 27, 2012 at 17:39, Maxim Kammerer <[email protected]> wrote: > When writing and testing that script, I noticed that the incoming > valid-after is never more than an hour earlier from the current > (correct) time, but at that point it was all kind of black magic, and > I didn't know that (as you say) the reason is that the directory > authorities agree on a new consensus each hour.
I think I now recalled the actual reason that stopped me from doing more research on whether it is possible to rely on hourly new consensus: fringe conditions. Say at 13:59 (correct time), Tor gets a 13:00-14:00-16:00 (valid-after, fresh-until, valid-until) consensus, the computer's time is off, and tordate sets the time to 13:30. But shortly after (maybe even before Tor has established a circuit — not sure whether that matters), the directory authorities agree on a new 14:00-15:00-17:00 consensus, and 13:30 is now out of that window, so Tor won't work (will it? The consensus is not yet valid — i.e., unverified), and htpdate will fail. With 14:30 estimate that problem wouldn't have happened. -- Maxim Kammerer Liberté Linux (discussion / support: http://dee.su/liberte-contribute) _______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
