Mailinglist Archive: opensuse (807 mails)
| < Previous | Next > |
Re: [opensuse] secure time
- From: Per Jessen <per@xxxxxxxxxxxx>
- Date: Fri, 16 Apr 2010 11:33:13 +0200
- Message-id: <hq9asp$gdq$1@xxxxxxxxxxxxxxxx>
Hans Witvliet wrote:
Regardless, you still don't need ntp-style accuracy. Just set your
system clock from a website (manually) and that'll suffice. Assuming
your PC is capable of running a stable clock for the time it takes to
generate the CA.
--
Per Jessen, Zürich (8.2°C)
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
On Fri, 2010-04-16 at 11:21 +0200, Per Jessen wrote:
Hans Witvliet wrote:
To explain the sitiation a bit better:
I'm drawing up a list of steps to take for installing a CA.
One of the aspects is that i want to be sure that my time is
correct. This is, because the certificate defines explicitly an
begin/ending date of the validity.
Hmm, you don't need NTP-style accuracy for that. A couple of seconds
to one side or the other makes no difference.
No, but if someone manage to shift it a year, makes a crt, shift it
again, another crt,....
(perhaps i'm getting paranoid)
Regardless, you still don't need ntp-style accuracy. Just set your
system clock from a website (manually) and that'll suffice. Assuming
your PC is capable of running a stable clock for the time it takes to
generate the CA.
--
Per Jessen, Zürich (8.2°C)
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |