Jacob Appelbaum: > adrelanos: >> Jacob Appelbaum: >>> If I were to reinvent the wheel without having read any of tordate's >>> source, I would: >>> >>> open the consensus or the cached-microdescs >>> parse the absolute minimum time >>> stat the respective file to see the last possible atime/mtime/ctime >>> pick the later time of the two >>> jump the clock forward again >> >> What in case the directory authority is not reachable (censored area)? >> > > Well, if we have a file on the disk, we don't even have to touch the > network to jump the clock, right?
I must admit I am the over thinking type. Three cases. One appears unsolved to me. 1) there is a file on disk -> no consensus parser required 2) there is no file on disk; Tor directory authority available -> parse consensus 3) there is no file on disk; Tor directory authority is not reachable -> ? How likely is it that there is no file on disk and that Tor directory authority is not reachable? I have no idea, just thought, if it isn't a likely use case, you wouldn't think about a consensus parser. >> Is the parasitic approach future proof anyway? Won't that cost the >> remote server admins cpu load and traffic? > > Probably and probably not? I don't know. >> >> What if the remote server admins install some "intelligent" filter, >> which blocks Tor? (for other unrelated spam/ddos issues) > > Which server admins? People offering TLS? The admins of the servers which tlsdate contacts, i.e. top 100 alexa or whatever hosts you may pick.) >> >> Why trust and get the time of some remote server admins who are not >> really willing to run a network time server? They most likely get their >> own time over unauthenticated NTP. Getting time from TLS is more a hack >> than a replacement for non-existing tcp, authenticated and distributed NTP. >> > > Yeah, I'm aware. Really, well aware. People keep telling me over and > over again I apologize, very sorry for my wording and didn't want to join that, in fact very happy about ANY kind of improvements in the network time sync area. <snipped the other parts where I agree and have nothing to add> Cheers, adrelanos _______________________________________________ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev