Re: [TLS] Let's remove gmt_unix_time from TLS

Hanno Böck <hanno@hboeck.de> Wed, 11 September 2013 16:53 UTC

Return-Path: <hanno@hboeck.de>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57A2721E8177 for <tls@ietfa.amsl.com>; Wed, 11 Sep 2013 09:53:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.999
X-Spam-Level:
X-Spam-Status: No, score=-0.999 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MANGLED_BACK=2.3, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ETKNe6vEjwYQ for <tls@ietfa.amsl.com>; Wed, 11 Sep 2013 09:53:43 -0700 (PDT)
Received: from zucker.schokokeks.org (zucker.schokokeks.org [178.63.68.96]) by ietfa.amsl.com (Postfix) with ESMTP id B3DFB21E8126 for <tls@ietf.org>; Wed, 11 Sep 2013 09:53:43 -0700 (PDT)
Received: from localhost (24-134-32-151-dynip.superkabel.de [::ffff:24.134.32.151]) (AUTH: LOGIN hanno-default@schokokeks.org, TLS: TLSv1/SSLv3, 128bits, AES128-GCM-SHA256) by zucker.schokokeks.org with ESMTPSA; Wed, 11 Sep 2013 18:53:39 +0200 id 000000000000004B.000000005230A013.000067AB
Date: Wed, 11 Sep 2013 18:53:29 +0200
From: Hanno =?UTF-8?B?QsO2Y2s=?= <hanno@hboeck.de>
To: tls@ietf.org
Message-ID: <20130911185329.3dcd75db@hboeck.de>
In-Reply-To: <CAKDKvuw240Ug4xB3zi2w0y7pUvCwSe0nNFZ2XP2vL-tbtKT0tg@mail.gmail.com>
References: <CAKDKvuw240Ug4xB3zi2w0y7pUvCwSe0nNFZ2XP2vL-tbtKT0tg@mail.gmail.com>
X-Mailer: Claws Mail 3.9.2-dirty (GTK+ 2.24.20; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=PGP-SHA256; protocol="application/pgp-signature"; boundary="=_zucker.schokokeks.org-26539-1378918420-0001-2"
Subject: Re: [TLS] Let's remove gmt_unix_time from TLS
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Sep 2013 16:53:54 -0000

On Wed, 11 Sep 2013 11:43:53 -0400
Nick Mathewson <nickm@torproject.org> wrote:

> Despite the late date, much of the world is still not
> synchronized to the second via an ntp-like service. This means
> that different clients have different views of the current time,
> which provides a fingerprint that helps to track and distinguish
> them.  This fingerprint is useful for tracking clients as they
> move around.  It can also distinguish clients using a single VPN,
> NAT, or privacy network.  (Tor's modified firefox avoids this by
> not sending the time.)

I can't help getting the feeling that you're trying to fix the wrong
thing here. People use computers with a wrong clock. That's the problem
here. You should try to fix that and not workaround it.

My suggestion: Tor could detect on startup if the time is correct via
ntp (or even through the tor network itself with the next server). If
its not, it refuses to start unless an option like
"iknowmytimeisbrokenandidontcare" is set. For the gui, issue a warning
and an easy option to fix the time.


-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno@hboeck.de
GPG: BBB51E42