[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] [Tails-dev] secure and simple network time (hack)



I don't really understand your reservation about this project. It's reasonable
to want authenticated time to a non-webserver of ones choice. Depending on
your environment, tlsdate is complementary to the various other
programs. You can (and will) use whatever you decide fits your needs,
but please don't disparage a valid project because it segfaults "after a
while". It's a work-in-progress, better to contribute useful information
than complain.

On Fri, Apr 12, 2013 at 02:43:13PM +0300, Maxim Kammerer wrote:
> On Fri, Jul 20, 2012 at 3:07 AM, Jacob Appelbaum <jacob@xxxxxxxxxxxxx> wrote:
> > Allow me to be very explicit: it is harder to parse an HTTP Date header
> > than properly than casting a 32bit integer and flipping their order. The
> > attack surface is very small and easy to audit.
> 
> Just discovered that tlsdated in tlsdate-0.0.6 is dying with a
> segmentation fault after a while. Not surprised after seeing the code
> â my experimentation with this gimmick is finally over. Turns out that
> âthrow something together and wait for patchesâ is not a sound
> development approach.
> 
> --
> Maxim Kammerer
> Libertà Linux: http://dee.su/liberte
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk