[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] tlsdate havoc ahead - default host randomizes tls timestamps
From:       Sven Kieske <svenkieske () gmail ! com>
Date:       2015-04-23 16:36:09
Message-ID: 55391F79.8030809 () gmail ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This shows imho
that tlsdate is also not a very good idea.

I also don't get why it was invented, you jump from:

"hey our old timekeeping protocol
is totally insecure"
to:
"let's use this random protocol
which was never designed for timekeeping
but at least it's secure"

turns out this does not work.

kind regards

Sven

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQGcBAEBCAAGBQJVOR94AAoJEAq0kGAWDrqlE3UMAJkIXR2V4ezhqFXQZ2CjaAlp
EvI4CQ5ax5769bAtX+rYbMK0/4xJZple6vO60miaWJjzRxXl8i+twyZgixTyDgpy
wvvDJOzHX0EVlCg04HhXOREdSCtKovtiwZAL51qXYiIVgX8MbvZh1lLGrEOmak5x
l4e26PgO7HVP+8J/FVXVXMB/Zge8Zz8agGM/klaqxiQKSvhfiy+w+kLsFNoXsQa0
v1JyQCGkRFuDRfGryOfgQk2f5wouby59aCHroIx0eV+BWR1mDnD8y/fksgzdMZWX
4/Llo+xzrGDmNwyN0X7t9I55kvceN+DcKrtQPaBiHUAJoyixAh9OqTjQnq3CGDw5
CfaIrJnQzJcrhmHtP8hmbiG93JyAOCnirwuCJUiam1db7nCcGiqhcavz6vymD1e3
UVbLX1wN74EzlFidOed8vmk3IzGKe7D4SPysW+WLIuYaOiqryYd1eKd38rZ+U/dz
8NqEAkEYbTw7OO2EzmqzQ0KEn/1XgXrNE5bPEXzZUQ==
=bmuJ
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]