Re: [Tails-dev] Why doesn't Tails use tlsdate? (htp replacement)

2012-06-06 Thread intrigeri
Hi,

pro...@secure-mail.biz wrote (06 Jun 2012 01:15:55 GMT) :
> Why doesn't Tails use tlsdate, made by Jacob Appelbaum? [1] [2]

> Wouldn't it be a good replacement for htp?

Because it's not clear at all where, and how it could fit into,
replace or improve the current time sync' system we already have:
https://tails.boum.org/contribute/design/Time_syncing/

I had difficulties communicating on this topic with Jacob on IRC, so
I told him I will have a serious look once he makes this point clear.

tlsdate could be a good replacement for HTP once it has the features
we need (e.g. our three-pools design) -- OTOH, another option could
be to keep our existing htpdate wrapper (that implements the clever
bits), and merely replace wget + header parsing in there with tlsdate.
In this context, tlsdate communication would go through Tor.

However, it *seems* to me Jacob was suggesting that we run tlsdate in
the clear, that is without going through Tor; hence the question
I raised about the network fingerprint of this tool, unanswered as of
today (see <85sjgwz3kw@boum.org> on tor-talk). I'm worried running
tlsdate in the clear would get us back to the "Tails leaves a clear
bootstrap network fingerprint" old days we have managed to escape with
our current time sync' system.
___
tails-dev mailing list
tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev


Re: [Tails-dev] Why doesn't Tails use tlsdate? (htp replacement)

2012-06-05 Thread Maxim Kammerer
My take on tlsdate:

On Wed, Jun 6, 2012 at 4:15 AM,   wrote:
> Wouldn't it be a good replacement for htp?

No, since tlsdate has no features: see TODO items 5 and 6, for
instance (daemonization and clock skewing), and also items 9 and 1
(proxy support and leaking local clock). The claim about “parsing the
header with questionable code”, on the other hand, is silly — see my
reply to the email that you referenced. Granted, I wrote about C code,
and Tails uses the Perl HTPDate version, so YMMV. Even without https
support in C HTPDate, it seems more attractive to me than current
tlsdate. With all that said, I actually intend to fork tlsdate at some
point and implement the required features, but it's quite low
priority.

-- 
Maxim Kammerer
Liberté Linux: http://dee.su/liberte


[Tails-dev] Why doesn't Tails use tlsdate? (htp replacement)

2012-06-05 Thread proper
Why doesn't Tails use tlsdate, made by Jacob Appelbaum? [1] [2]

Wouldn't it be a good replacement for htp?

[1] https://lists.torproject.org/pipermail/tor-talk/2012-February/023275.html
[2] https://github.com/ioerror/tlsdate
