01/30/2012 01:41 AM, intrigeri: > anonym wrote (29 Jan 2012 21:46:56 GMT) : >> Setting it to fresh-until (time error 0 to 60 minutes in the future) >> or up to one hour later would be safe though. I guess it's best to >> have a margin in both ways, so our old middle of >> [valid-after,valid-until] seems like the safest choice. > >> If everyone agree, let's revert. > > Please do.
Done. > As far as I have understood, it seems to me the probability of seeing > this problem happening in the wild is not big enough to warrant > pushing back the imminent release of Tails 0.10.1 (with the > problematic change in), is it? Sure, even though it's a bit annoying. Even if htpdate fails, it seems very unlikely to cause issues; here's the log from my updated script that tests whether Tor still works when the issue is detected: Sun Jan 29 23:59:48 UTC 2012: valid-after: 2012-01-30 00:00:00 fresh-until: 2012-01-30 01:00:00 valid-until: 2012-01-30 03:00:00 Snap! Current time is before valid-after so the consensus is not valid yet! Using htpdate [with --dont_set_date and our normal pools etc.] to check if Tor works any way... Tor works at 23:59:54 Existing circuits are still ok to use, which explains this. So it seems the following things need to happen for a user to experience the issue: 1. tordate succeeds and get a clock that is E minutes backwards. (p = 0.5) 2. our new awesome htpdate fails. (p = 0.001 or something :)) 3. Tor downloads a consensus update at some time H:X:00 where X >= 60-E. (p = (E-D)/60 where D is the delay for the consensus to hit the chosen directory mirror) 4. All current circuits will expire before the new hour (p = ?). I wouldn't be surprised if our forum gets flooded by reports of this issue since our time syncing terror never seems to go away :). > (anonym: I think you forgot to send your last email to Maxim.) (He's subscribed to the list.) Cheers!
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
