On Thu, Apr 18, 2013 at 1:18 AM, Jacob Appelbaum <ja...@appelbaum.net> wrote:
> Whenever a less friendly person gives me a hard time about the obvious futility of tlsdate, I think:
>
> "Let me know how your ntp replacement project goes and I'll gladly use it when my shitty one trick pony isn't beating the pants off of your arm chair hacking."
>
> I'd say I'm kidding but really, we need a secure network time client and we need one badly. If we don't have one, we can't hold certain assumptions to be correct and entire systems can be broken. There is also the attack surface and architecture of other ntp/ntp-like clients.
There are now apparently enough openly accessible and stable authenticated NTP servers around to rely on them in a distro. The problem is that the authenticated NTP protocol (more precisely, its asymmetric-crypto Autokey variant) does not support NAT traversal in either the server *or* the client, since both IP addresses are signed. I guess the reason is that NTP has no clear distinction between client and server.

-- 
Maxim Kammerer
Liberté Linux: http://dee.su/liberte

_______________________________________________
tails-dev mailing list
tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
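The NAT problem Maxim describes, modelled in code as an added example (this is not tlsdate, ntpd or Autokey code; Autokey's real cookie and signature construction is in RFC 5906, and the shared secret, addresses and packet contents below are made-up stand-ins). It keeps only the one property under discussion: an authenticator that covers the client and server IP addresses cannot be verified once a source NAT has rewritten the address the server sees, even though the packet bytes themselves are untouched, whereas an authenticator over the packet alone survives the rewrite.

```python
"""Why an address-bound NTP authenticator breaks behind NAT (model only)."""
import hashlib
import hmac
import ipaddress
import struct

# Hypothetical shared secret standing in for a server seed; not a real key.
SERVER_SEED = b"example-server-seed-not-a-real-key"


def ntp_like_header(transmit_ts: int) -> bytes:
    """Minimal 48-byte NTPv4 client header (LI=0, VN=4, mode=3).

    Only the transmit timestamp is filled in; every other field is zero.
    Layout: flags, stratum, poll, precision, root delay, root dispersion,
    reference id, then reference/origin/receive/transmit timestamps.
    """
    flags = (0 << 6) | (4 << 3) | 3
    return struct.pack("!B3B3I4Q", flags, 0, 0, 0, 0, 0, 0, 0, 0, 0, transmit_ts)


def address_bound_mac(packet: bytes, client_ip: str, server_ip: str) -> bytes:
    """Authenticator that covers both endpoint addresses.

    This is the property that makes the scheme NAT-hostile: the server
    recomputes it with the client address it actually observed.
    """
    material = (ipaddress.ip_address(client_ip).packed
                + ipaddress.ip_address(server_ip).packed
                + packet)
    return hmac.new(SERVER_SEED, material, hashlib.sha256).digest()[:16]


def address_free_mac(packet: bytes) -> bytes:
    """Authenticator over the packet alone; address rewriting is invisible."""
    return hmac.new(SERVER_SEED, packet, hashlib.sha256).digest()[:16]


def verify_at_server(packet: bytes, mac: bytes, seen_client_ip: str,
                     server_ip: str, bound: bool) -> bool:
    """Server-side check using the source address the server saw on the wire."""
    expected = (address_bound_mac(packet, seen_client_ip, server_ip)
                if bound else address_free_mac(packet))
    return hmac.compare_digest(expected, mac)


def simulate(bound: bool, behind_nat: bool) -> bool:
    """Client builds and authenticates a packet; an optional source NAT
    rewrites the client address; the server verifies. Returns True if
    verification succeeds."""
    client_ip, server_ip, nat_public_ip = "10.0.0.5", "198.51.100.7", "203.0.113.1"
    packet = ntp_like_header(0x1234_5678_9ABC_DEF0)
    mac = (address_bound_mac(packet, client_ip, server_ip)
           if bound else address_free_mac(packet))
    # Source NAT leaves the payload alone but changes the observed source.
    seen_client_ip = nat_public_ip if behind_nat else client_ip
    return verify_at_server(packet, mac, seen_client_ip, server_ip, bound)


if __name__ == "__main__":
    for bound in (True, False):
        for behind_nat in (False, True):
            print(f"address-bound={bound!s:5} behind_nat={behind_nat!s:5} "
                  f"verifies={simulate(bound, behind_nat)}")
```

The one case that fails is the address-bound authenticator with the client behind NAT; the same would happen with the server behind NAT, since the server address is in the covered material too. Dropping the addresses from the authenticator is what makes NAT traversal work, but it also gives up the binding of an authenticator to one endpoint pair, so a scheme that does this needs some other way (a per-client key or a nonce the client chose) to keep a valid authenticator from being replayed from elsewhere.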