intrigeri:
> There are a few pieces of software called htpdate, and the one Tails
> uses only connects to HTTPS servers, and delegates to wget the X.509
> certificates validation:
> https://tails.boum.org/contribute/design/Time_syncing/#index3h2

Unfortunately, wget (like any other command-line downloader) doesn't support
pinning the certificate of the website.
https://lists.gnu.org/archive/html/bug-wget/2012-07/msg00007.html

So it still depends on the flawed root CA system.

(Don't take this too harshly. Although there is room for improvement, I
seriously consider adding tails_htp to aos. Thanks to the distributed trust
model, I think it's currently the safest method.)

> In addition, the pal/foe/neutral pool system Tails uses gives *some*
> protection against untrustworthy sources of time information, which
> limits what one can do with only a few illegitimate X.509 certificates
> they got from a "trusted" CA:
> https://tails.boum.org/contribute/design/Time_syncing/#index4h2

If I understand correctly, you pick three random servers. One from each pool.
And then build the mediate of the three.

What's the point of asking the foe pool? (Servers which generally do not care
about privacy.)

Why doesn't tails_htp ask more than three servers for the time and build the
mediate? Like 6, 9 or 12.
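The selection and combining step discussed in this message, as an added example (not part of the original message and not Tails' htpdate code). It assumes the answers are combined with a median, uses constructed placeholder host names and offsets, and goes beyond the three-server case to show how many untrustworthy sources a median over n sources can absorb.

```python
import random
from statistics import median

# Constructed pools; host names are placeholders, not Tails' real pool members.
POOLS = {
    "pal": ["pal-a.example", "pal-b.example"],
    "neutral": ["neutral-a.example", "neutral-b.example"],
    "foe": ["foe-a.example", "foe-b.example"],
}

def pick_sources(pools, rng):
    """Pick one random server from each pool, as the message describes."""
    return {name: rng.choice(hosts) for name, hosts in pools.items()}

def combined_offset(offsets):
    """Combine per-server clock offsets (seconds) by taking the median (assumed)."""
    return median(offsets)

def tolerated_liars(n_sources):
    """Largest number of lying sources a median over n sources can absorb
    while the result stays within the range of the honest answers."""
    return (n_sources - 1) // 2

def worst_case(honest, n_liars, lie):
    """Median when n_liars sources all report the same false offset."""
    return combined_offset(list(honest) + [lie] * n_liars)

if __name__ == "__main__":
    rng = random.Random(0)  # fixed seed so the demo is repeatable
    print("sources:", pick_sources(POOLS, rng))
    # Constructed offsets: honest servers are within a few seconds of true time.
    print("3 sources, 1 liar :", worst_case([1.0, -2.0], 1, 86400.0))
    print("3 sources, 2 liars:", worst_case([1.0], 2, 86400.0))
    for n in (3, 6, 9, 12):
        print(f"n={n:2d} tolerates {tolerated_liars(n)} lying source(s)")
```

With three sources a single false answer cannot move the result outside the honest range, but two colluding answers can; the loop shows how that bound changes for 6, 9 and 12 sources.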
