[Whonix-devel] #16822 [Tor]: make certificate lifetime accessible through Tor's ControlPort
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Aug 16 01:43:46 CEST 2015
#16822: make certificate lifetime accessible through Tor's ControlPort
-------------------------+---------------------
Reporter: proper | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Tor | Version:
Keywords: | Actual Points:
Parent ID: | Points:
-------------------------+---------------------
I am referring to the following. Sometimes user Tor logs contain something
like this.
{{{
Sep 03 10:32:59.000 [warn] Certificate already expired. Either their clock
is set wrong, or your clock is wrong.
Sep 03 10:32:59.000 [warn] (certificate lifetime runs from Aug 16 00:00:00
2014 GMT through Jul 29 23:59:59 2015 GMT. Your time is Sep 03 10:32:59
2015 UTC.)
}}}
This information is interesting in context for anonymity distributions and
secure network time synchronization, usability and whatnot. Used by Tails'
[https://git-tails.immerda.ch/tails/tree/config/chroot_local-
includes/etc/NetworkManager/dispatcher.d/20-time.sh tordate] or Whonix's
[https://www.whonix.org/wiki/Dev/TimeSync#anondate anondate].
However, these tools rely on parsing Tor's log, which is
[https://labs.riseup.net/code/issues/8977 fragile].
It would be nice, if something like
* {{{certificate/valid-after}}}
* and {{{certificate/valid-until}}}
where accessible through Tor's ControlPort.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16822>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the Whonix-devel
mailing list