oss-sec mailing list archives
Re: attacking hsts through ntp
From: Stephen Röttger <stephen.roettger () gmail com>
Date: Fri, 17 Oct 2014 10:17:21 +0000
The solution would be to have a more reliable PC time. How do we do
that? We're currently working on an IETF draft to bring authentication to NTP: https://tools.ietf.org/html/draft-ietf-ntp-network-time-security-04 and would be happy for people to take a look and give feedback. If you don't want to read the draft, let me know and I will outline the protocol for you.
Current thread:
- Re: attacking hsts through ntp, (continued)
- Re: attacking hsts through ntp Kurt Seifried (Oct 16)
- Re: attacking hsts through ntp Hanno Böck (Oct 16)
- Re: attacking hsts through ntp Kurt Seifried (Oct 16)
- Re: attacking hsts through ntp Michal Zalewski (Oct 16)
- Re: attacking hsts through ntp Hanno Böck (Oct 16)
- Re: attacking hsts through ntp Adam Langley (Oct 16)
- Re: attacking hsts through ntp Kurt Seifried (Oct 16)
- Re: attacking hsts through ntp Hanno Böck (Oct 17)
- Re: attacking hsts through ntp Yves-Alexis Perez (Oct 17)
- Re: attacking hsts through ntp Stephen Röttger (Oct 17)
- Re: attacking hsts through ntp Yves-Alexis Perez (Oct 18)
- Re: attacking hsts through ntp Stephen Röttger (Oct 20)
- RE: attacking hsts through ntp Bendler, Ehren (Oct 20)