[Whonix-devel] Hidden Service as Time Source

• Previous message: [Whonix-devel] SecureDrop
• Next message: [Whonix-devel] Hidden Service as Time Source
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi Thomas!

As you know, I am a developer of an anonymity centric distribution.
Similar to TAILS but optimized for virtual machines. The Whonix Project.

In the same way, we need to use a source to calibrate our system clock.
That isn't NTP, for one because NTP uses UDP and the Tor network does
not support UDP and a few other reasons. The way this is done at the
moment is to fetch HTTP headers over SSL from trusted servers and use
the timestamp data at the time.

We wanted to get rid of SSL and make use of the strong security
properties of Tor's end to end encryption for Hidden Services to
safeguard against clearnet SSL man in the middle attacks, that are
within reach of powerful adversaries at the moment.

We are asking permission to use your Hidden Service[s] instance[s]
as one of our time sources.

We are going to add multiple trustworthy hidden services to the list for
redundancy and to distribute the load. Our estimated user base is 5000.
The requests will only involve fetching a HTTP header from your server.

By replying to this e-mail, your answer will be posted on the
whonix-devel public mailing list. Please let us know if this use case is
alright with your Hidden Service[s] instance[s].

Cheers,
Patrick

-----BEGIN PGP SIGNATURE-----

iQJ8BAEBCgBmBQJU08JAXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2RTk3OUIyOEE2RjM3QzQzQkUzMEFGQTFD
QjhENTBCQjc3QkIzQzQ4AAoJEMuNULt3uzxIwzUP+gIrUqeHlkkos3ewfjv5A1w/
fdZ5VdNzMSqDNB9di2LFJ+54LnGDcSF4GaXU2TTzg/OkAU6MHDpRUUzZAGI8zTBX
4aEp5pkitAPdIgqw7QEO/qol2zwjV++mocdY8fkIhRRLIJkTHvPkVMoq+9OsGTQU
T5DH/I8tFDqJOEoOnJ9twwJdTqVU9C5x5vsKmpX9Sa10WHfowQRLhkshN14O8jyx
iepMoC6Pw7TNxJbQKmJkokkpxfiXs+FFSXQUgrmS8gUT05uSfUjjRRNmYp3uVhu9
tPXLGv2CaRWWE5W6g00g/0p0qdb7hp+9iMzpdd9JF8ha8cwLvIcx98EDIl0zwH53
clReLg+XlAnytXN0Ih679f9OCByD/0pqdEeHDNHrvB5DM9467FCO1t0CLttdDMJn
IBRyeMaGTVfPBQY6xYQ+oS+qSfbSVhbVZBREjtKT4qLqSO8ESoEc/hbCxrMUA3H/
eg+oCdigYfv+PixAf/RpHeW+w5ezgZ0FKdTJ4XWLG/hm5V/Tr314q10DYeIcnAwq
bqlxWIUzkNioLwumNoTGuI6sN8RwYGK1DnPD6bA0eWcR/If1PgPOu4ZmRauNowCp
/d6Wp0Ihv9g+/LtDJWckh3UEvIRe/4VuFUYzVWdxVDa47uuKXHAfWXQJaXTuTJlU
JfQ8jYvBBmkPtgaI1fJm
=C0eO
-----END PGP SIGNATURE-----

• Previous message: [Whonix-devel] SecureDrop
• Next message: [Whonix-devel] Hidden Service as Time Source
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]