Nico Williams <n...@cryptonector.com> writes:

>Yeah, but a non-persistent clock is fine if the client can learn time from
>the server (and keep a different offset from system time to every server if
>need be, learning system time from one of them, or from NTP, or whatever).

In many cases neither the server nor the client have clocks. They also don't have much provision for keeping track of persistent state across devices. Overall though it's a bit of a moot point because it's unlikely these devices will ever do TLS 1.3 (it's going to be enough of a pain eventually moving them to 1.2), I was just pointing out that you can't assume the presence of a clock. It may be perfectly OK to assume that anything that'll ever do 1.3 also has an accurate(ish) time source available.

Peter.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls