[Cryptography] On the deployment of client-side certs
natanael.l at gmail.com
Wed Nov 23 04:43:40 EST 2016
Den 23 nov 2016 02:09 skrev "Phillip Hallam-Baker" <phill at hallambaker.com>:
> For security purposes, access to a reasonably accurate clock is really
important. I am aware of Secure NTP of course. But... Well for my purposes,
I really want multiple statements about time:
> 1) A statement that applications can be ~100% certain of that states
'this time has passed' which can be 24, 48 hours in the past.
> 2) A statement that applications can be reasonably certain of, that a
trusted party asserts that the current time is within 10 seconds of a
> 3) An untrusted statement that the current time is X which is accurate to
100ms or better
> That combined with the ability to make statements of the form 'I want to
do X provided you can complete before the time you think is Y' allow me to
address most of my time based security concerns.
Uses multiple servers and nonces + hash chaining to establish a verifiable
direction of time / order of events, with high accuracy in timing.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography