maas-devel team mailing list archive

Thread
Date

Re: Clock skew and OAuth

To: Robie Basak <robie.basak@xxxxxxxxxxxxx>
From: Gavin Panella <gavin.panella@xxxxxxxxxxxxx>
Date: Mon, 20 Aug 2012 17:17:19 +0100
Cc: maas-devel@xxxxxxxxxxxxxxxxxxx, Scott Moser <scott.moser@xxxxxxxxxxxxx>
In-reply-to: <20120820154105.GC28213@mal.justgohome.co.uk>
Sender: gavinpanella@xxxxxxxxx

On 20 August 2012 16:41, Robie Basak <robie.basak@xxxxxxxxxxxxx> wrote:
> Scott pointed out a flaw in this to me offline. I had assumed that the
> clock is only wrong by being in the past, and this solution will not
> address the problem of the clock being wrong by being in the future.
>
> But AIUI now, this is problem on machines which have previously been
> running on other OSes with the hardware clock set to local time rather
> than UTC.
>
> This may completely wipe out my proposal, since we can only safely move
> the time towards the future with this plan, and not towards the past.

Is there any such thing as a time-since-power-on clock? That, in
combination with it_is_after, would give us a semi-reliable upper
bound on the correct time.

Follow ups

Re: Clock skew and OAuth
From: Julian Edwards, 2012-08-21
Re: Clock skew and OAuth
From: John Arbash Meinel, 2012-08-20

References

Clock skew and OAuth
From: Julian Edwards, 2012-06-27
Re: Clock skew and OAuth
From: Jeroen Vermeulen, 2012-06-27
Re: Clock skew and OAuth
From: Julian Edwards, 2012-06-27
Re: Clock skew and OAuth
From: Scott Moser, 2012-06-27
Re: Clock skew and OAuth
From: Robie Basak, 2012-08-06
Re: Clock skew and OAuth
From: Gavin Panella, 2012-08-07
Re: Clock skew and OAuth
From: Robie Basak, 2012-08-07
Re: Clock skew and OAuth
From: Gavin Panella, 2012-08-20
Re: Clock skew and OAuth
From: Robie Basak, 2012-08-20