Re: [TLS] Consensus Call on Removing GMT from the Handshake

Jacob Appelbaum <jacob@appelbaum.net> Mon, 16 June 2014 23:31 UTC

To: Nick Mathewson <nickm@torproject.org>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/u4EADT-0RcO6URi4v2iY9yDGriI
Cc: "tls@ietf.org" <tls@ietf.org>

On 6/16/14, Nick Mathewson <nickm@torproject.org> wrote:
> On Mon, Jun 16, 2014 at 4:28 AM, Robert Ransom <rransom.8774@gmail.com>
> wrote:
>  [...]
>> The more important (widely deployed) use of tlsdate is in Google's
>> ChromeOS, which is probably why Adam Langley wants to not immediately
>> turn off that timestamp field on Google's servers.  Since Google
>> controls both the client software and the servers used for tlsdate in
>> ChromeOS, their use of tlsdate should be completely safe.
>
> For what it's worth, I believe that recent versions of tlsdate also
> support learning the current time from an HTTPS "Date:" header, so
> there's a plausible upgrade path there.

Yes, that is exactly correct - it isn't clear to me if Google has
switched to this specific method of using tlsdate. Thanks again for
the patch!

>
> (Anybody who is interested in security and time should have a look
> over at the NTP working group.  If I'm not mistaken, they've been
> discussing an open draft that tries to improve the state of security
> in NTP.)

That sounds great - thanks for the heads up.

All the best,
Jacob