On Wed, 16 Nov 2016, Philip Homburg wrote:
Recently, there was some discussion in homenet related to this topic, in
particular how does a device without battery backed RTC obtain the
current time.
I think that ideally this should be discussed in a security related
working group. Because a lot of this is basically how we can have long
term stable (online) signature keys.
Ok, so what I see right now is DNSSEC punting the problem somewhere else.
NTP is punting it somewhere else. TLS is punting it somehere else.
Oh, your DNSSEC key material is too old, use TLS. Oh, your time is not
accurate, use NTP. Oh you don't have time, use DNSSEC, or TLS, or magic.
Or just throw away your box, you were stupid to put it on the shelf for
the wrong 9 months.
As a whole, nobody seems to be interested in actually coming up with a
viable solution that actually fixes peoples problems. Everybody's just
punting the problem elsewhere or waving their hands and says "not our
problem".
--
Mikael Abrahamsson email: swm...@swm.pp.se
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
