[SSL Observatory] Diginotar broken arrow as a tour-de-force of PKI fail
Gervase Markham
gerv at mozilla.org
Fri Sep 16 18:25:55 PDT 2011
On 14/09/11 01:17, Rob Stradling wrote:
> Earlier in this thread, I suggested requiring Clients to do secure time sync.
> You replied "Er, no. :-)". In view of Adam's comments, might you/Mozilla
> reconsider your view on this?
It's purely my view, and hardly a well-informed one :-) If someone can
explain to me why synchronized clocks are basically essential, I may
become a convert to requiring them.
Gerv
More information about the Observatory
mailing list