[Whonix-devel] #16845 [Core Tor/Tor]: make unverified consensus ISOTime accessible through Tor's ControlPort

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Jun 23 16:25:25 CEST 2017


#16845: make unverified consensus ISOTime accessible through Tor's ControlPort
-------------------------------------------------+-------------------------
 Reporter:  proper                               |          Owner:
     Type:  enhancement                          |         Status:
                                                 |  reopened
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  unspecified
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-control needs-design maybe-bad-  |  Actual Points:
  idea                                           |
Parent ID:                                       |         Points:  medium
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------
Changes (by adrelanos):

 * status:  closed => reopened
 * resolution:  wontfix =>


Comment:

 This time information is supposed to be used for informational purposes
 and automated time comparison only. Not to set system clock from
 unverified consensus ISOTime, which would indeed not be secure.

 At boot time of Whonix / sdwdate would - if verified consensus ISOTime is
 not available - fall back to reading unverified consensus ISOTime. Then
 compare the result with the system clock. Use that guess inside sdwdate
 log and to inform the user what the issue with the system clock may likely
 be.

 (Usability / wording of that wouldn't be easy, but that's not something
 Tor needs to worry about.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16845#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the Whonix-devel mailing list