[Whonix-devel] Hidden Service as Time Source
thomaswhite at riseup.net
Thu Feb 5 23:19:06 CET 2015
-----BEGIN PGP SIGNED MESSAGE-----
Yes that's fine. Some of my hidden services are as follows:
On 05/02/2015 19:19, Patrick Schleizer wrote:
> Hi Thomas!
> As you know, I am a developer of an anonymity centric
> distribution. Similar to TAILS but optimized for virtual machines.
> The Whonix Project.
> In the same way, we need to use a source to calibrate our system
> clock. That isn't NTP, for one because NTP uses UDP and the Tor
> network does not support UDP and a few other reasons. The way this
> is done at the moment is to fetch HTTP headers over SSL from
> trusted servers and use the timestamp data at the time.
> We wanted to get rid of SSL and make use of the strong security
> properties of Tor's end to end encryption for Hidden Services to
> safeguard against clearnet SSL man in the middle attacks, that are
> within reach of powerful adversaries at the moment.
> We are asking permission to use your Hidden Service[s] instance[s]
> as one of our time sources.
> We are going to add multiple trustworthy hidden services to the
> list for redundancy and to distribute the load. Our estimated user
> base is 5000. The requests will only involve fetching a HTTP header
> from your server.
> By replying to this e-mail, your answer will be posted on the
> whonix-devel public mailing list. Please let us know if this use
> case is alright with your Hidden Service[s] instance[s].
> Cheers, Patrick
Activist, anarchist and a bit of a dreamer.
PGP Keys: key.thecthulhu.com
Current Fingerprint: E771 BE69 4696 F742 DB94 AA8C 5C2A 8C5A 0CCA 4983
Master Fingerprint: DDEF AB9B 1962 5D09 4264 2558 1F23 39B7 EF10 09F0
XMPP: thecthulhu at jabber.ccc.de
XMPP-OTR: 4321B19F A9A3462C FE64BAC7 294C8A7E A53CC966
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
More information about the Whonix-devel