[Cerowrt-devel] DNSSEC & NTP Bootstrapping
simon at thekelleys.org.uk
Mon Mar 24 17:39:03 EDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
On 22/03/14 20:00, Toke Høiland-Jørgensen wrote:
> Simon Kelley <simon at thekelleys.org.uk> writes:
>> That would be possible: it would require care to make it work in
>> the face of the system time being warped by NTP. Best way may be
>> to use times() rather than time()
> Good point. Since the availability of reliable time is what we're
> waiting for, perhaps a large jump in the system clock could be
> taken to mean it has been achieved and taken as a signal to exit
> the grace period? With a timer for the case where the time is
> already accurate, of course. This would make it rather specific to
> this use case, though...
It could be done, but I'm not sure it's very _nice_.
What do people think?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the Cerowrt-devel