[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] secure and simple network time (hack)

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] secure and simple network time (hack)
From: Maxim Kammerer <mk@xxxxxx>
Date: Tue, 21 Feb 2012 01:31:12 +0200
Authentication-results: mr.google.com; spf=pass (google.com: domain of mk@xxxxxx designates 10.60.29.34 as permitted sender) smtp.mail=mk@xxxxxx; dkim=pass header.i=mk@xxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 20 Feb 2012 18:31:44 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dee.su; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type:content-transfer-encoding; bh=5b1CJES+REUi4Y3m2+4Y8QeJpvVsvX/Fe5p8e78wXTg=; b=A8DYKDXSo4L31eSswTtdX10he6tSh3XO+ARixDxG29RRNXePawROe/J0BJRYMehtD1 2gqhRbZqOZXzVqJMKa7aUOP3Ctl/qIEop9OpYA5+eLC2KfpW+cEFaM2l8S4xcHKpLpj4 gKy6KfLWs0N7CSXE++VnXE2m3TAdRjALjHXYM=
In-reply-to: <4F42AD50.4050807@xxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <4F42AD50.4050807@xxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

On Mon, Feb 20, 2012 at 22:30, Jacob Appelbaum <jacob@xxxxxxxxxxxxx> wrote:
> Some people have taken to setting clocks with HTTP headers but I think that's a nightmare - not only
> because people will parse the header with questionable code but also because of latency, amongst other things.

What questionable code? HTTP Date: header is standard (RFC 1123).
HTPDate (C version) [1] does a rather good job of maintaining time
from such headers, and with an obvious header parsing vulnerability
fix and some improvements / feature additions [2] it is used in
Liberté Linux without issues. The only downside is lack of https
support.

[1] http://www.clevervest.com/htp/
[2] https://github.com/mkdesu/liberte/blob/master/src/usr/local/portage/net-misc/htpdate/files/htpdate-1.0.4-robustness.patch

> Currently tlsdate only has one way to verify certificates to ensure that
> the connection is secure - namely, it's the usual CA racket.

Does it mean that verification will fail if the clock is several years
behind, for instance?

> I'd love some code review but also just some feedback.

Does become_nobody() drop group privileges as well? Is operation over
Tor supported (I don't see any proxy handling)?

-- 
Maxim Kammerer
Liberté Linux (discussion / support: http://dee.su/liberte-contribute)
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] secure and simple network time (hack)
  - From: Jacob Appelbaum

References:
- [tor-talk] secure and simple network time (hack)
  - From: Jacob Appelbaum

Prev by Author: Re: [tor-talk] How accurate does need the clock to be?
Next by Author: Re: [tor-talk] Scroogle is No More?
Previous by thread: [tor-talk] secure and simple network time (hack)
Next by thread: Re: [tor-talk] secure and simple network time (hack)
Index(es):
- Author
- Thread