[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: System time in anonymity oriented LiveCDs
Hi,
Jordi Espasa Clofent wrote (03 Jan 2011 16:48:10 GMT) :
> What about this http://www.eecis.udel.edu/~mills/ntp/html/autokey.html?
After reading this page quite quickly, it seems to me this NTP autokey
feature is a way to secure exchanges between a given NTP server you
manage and some clients you provide SSL client certs with.
Although this seems to be working for authenticating the NTP server,
this also has the severe drawback (in the Live system context this
discussion arises from) of:
- forcing the Live system's authors, or someone else, to run a
dedicated NTP server
- allowing a "local" attacker (say, an ISP) to very easily
fingerprint this Live system's users based on the fact they send
NTP (+autokey) requests to this special NTP server.
Am I mistaken?
Bye,
--
intrigeri <intrigeri@xxxxxxxx>
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
| If you must label the absolute, use it's proper name: Temporary.
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/