[SSL Observatory] Diginotar broken arrow as a tour-de-force of PKI fail

[Gervase Markham]

On 14/09/11 01:17, Rob Stradling wrote:
> Earlier in this thread, I suggested requiring Clients to do secure time sync.  
> You replied "Er, no. :-)".  In view of Adam's comments, might you/Mozilla 
> reconsider your view on this?

It's purely my view, and hardly a well-informed one :-) If someone can
explain to me why synchronized clocks are basically essential, I may
become a convert to requiring them.

Gerv