On Mon, Feb 20, 2012 at 22:30, Jacob Appelbaum <[email protected]> wrote: > Some people have taken to setting clocks with HTTP headers but I think that's > a nightmare - not only > because people will parse the header with questionable code but also because > of latency, amongst other things.
What questionable code? HTTP Date: header is standard (RFC 1123). HTPDate (C version) [1] does a rather good job of maintaining time from such headers, and with an obvious header parsing vulnerability fix and some improvements / feature additions [2] it is used in Liberté Linux without issues. The only downside is lack of https support. [1] http://www.clevervest.com/htp/ [2] https://github.com/mkdesu/liberte/blob/master/src/usr/local/portage/net-misc/htpdate/files/htpdate-1.0.4-robustness.patch > Currently tlsdate only has one way to verify certificates to ensure that > the connection is secure - namely, it's the usual CA racket. Does it mean that verification will fail if the clock is several years behind, for instance? > I'd love some code review but also just some feedback. Does become_nobody() drop group privileges as well? Is operation over Tor supported (I don't see any proxy handling)? -- Maxim Kammerer Liberté Linux (discussion / support: http://dee.su/liberte-contribute) _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
