> From: Hal Murray <[email protected]>
> To: NTP Working Group <[email protected]>, [email protected]
> Cc: Hal Murray <[email protected]>
> Date: 31.03.2016 20:27
> Subject: Re: [TICTOC] [ntpwg] WGLC on NTS: Round trips for key exchange
> Sent by: "TICTOC" <[email protected]>
>
>
> [email protected] said:
> > I suggest that NTS should encourage users to write the current time to a
> > persistent file that is available upon reboot. This should be overwritten
> > on every clock update. Then, when the client reboots, it can check that
> > the expiry time of the certificates is no earlier than the last time
> > written to the persistent file. This limits the impact of attackers that use
> > old compromised certificates to break the security of NTS.
>
> I think the issue of getting started is much more complicated than that.
>
> It probably deserves a separate document to collect all the ideas.

I agree.

> Individual documents like NTS should be explicit about what they are
> assuming. Do they need valid (how close?) time or valid certificates or ???

I can see that a paragraph like this might be necessary. We will think about where it's appropriate (NTS main document or NTS-4-NTP).

> The above paragraph assumes the system has a writable file system. The
> "every clock update" may be too expensive for some systems.
>
> What happens the first time? Even if you assume that file was sanely
> initialized at the factory, the unit may have sat on a shelf for a long time.
>
> What do you do if your clock gets set far into the future?
>
>
> --
> These are my opinions. I hate spam.
>
>
>
> _______________________________________________
> TICTOC mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/tictoc
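The check proposed in the quoted suggestion, as an added example that is not part of the original thread and is not NTS code. The function names, file path and result labels are assumptions; a missing or unreadable file is reported as "no-lower-bound" rather than resolved, because the thread leaves the first-boot case open.

```python
import os
import tempfile
from datetime import datetime, timezone


def save_last_time(path, now):
    """Overwrite the persisted time atomically (temp file, fsync, rename),
    so a power loss mid-write never leaves a truncated file behind."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory)
    with os.fdopen(fd, "w") as f:
        f.write(now.isoformat())
        f.flush()
        os.fsync(f.fileno())
    os.replace(tmp, path)


def load_last_time(path):
    """Return the persisted time, or None if the file is missing, corrupt
    or lacks a UTC offset (e.g. first boot or a read-only file system)."""
    try:
        with open(path) as f:
            stamp = datetime.fromisoformat(f.read().strip())
    except (OSError, ValueError):
        return None
    return stamp if stamp.tzinfo is not None else None


def check_cert_expiry(not_after, last_time):
    """Apply the proposed rule: the certificate's expiry must be no earlier
    than the last time written to the persistent file."""
    if last_time is None:
        return "no-lower-bound"  # nothing persisted: expiry cannot be checked
    return "accept" if not_after >= last_time else "reject"


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    path = os.path.join(tempfile.mkdtemp(), "last_time")
    print(check_cert_expiry(datetime(2016, 1, 1, tzinfo=timezone.utc),
                            load_last_time(path)))          # first boot
    save_last_time(path, datetime(2016, 3, 31, tzinfo=timezone.utc))
    for expiry in (datetime(2016, 1, 1, tzinfo=timezone.utc),   # old cert
                   datetime(2017, 1, 1, tzinfo=timezone.utc)):  # current cert
        print(expiry.date(), check_cert_expiry(expiry, load_last_time(path)))
```

The stored value is only a lower bound on the current time: a device that sat powered off still accepts any certificate that expired after its last write.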
