[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] secure and simple network time (hack)


Jacob Appelbaum wrote (19 Jul 2012 23:48:48 GMT) :
> The key difference with htpdate is that one has a cryptographic
> signature. I'll take a subset of possible MITM attackers over fully
> trusting something that anyone could MITM.

I think this is wrong in the context of Tails.

There are a few pieces of software called htpdate, and the one Tails
uses only connects to HTTPS servers, and delegates to wget the X.509
certificates validation:

In addition, the pal/foe/neutral pool system Tails uses gives *some*
protection against untrustworthy sources of time information, which
limits what one can do with only a few illegitimate X.509 certificates
they got from a "trusted" CA:

Thanks a lot for your detailed answer!
I'll think about the rest later.

  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
tor-talk mailing list