Development discussion of WireGuard
From: Roman Mamedov <rm@romanrm.net>
To: Paul <paul@makrotopia.org>
Cc: wireguard@lists.zx2c4.com
Subject: Re: Need for HW-clock independent timestamps
Date: Thu, 17 May 2018 10:03:25 +0500
Message-ID: <20180517100325.1c542b1f@natsu>
In-Reply-To: <1526528456.18498.0@mail.makrotopia.org>

On Thu, 17 May 2018 12:40:55 +0900
Paul <paul@makrotopia.org> wrote:

> For me it looks like a problem solvable in software (as done for the 
> BMX routing protocol). Why even bother to get hardware involved?

Personally I am puzzled this is even an issue in WG. Not a single other VPN
protocol mandates every node to keep a monotonically increasing counter,
including even over reboots.

This has never been an issue in Tinc and OpenVPN at least, and if I'm not
mistaken neither in IPsec. And now suddenly we have people saying everyone now
has to buy and solder in some satellite based hardware just to use a VPN.

Given this didn't even arise in other VPN solutions, surely there must be another
way to solve the "replay attack" issue, without requiring an RTC (or a
persistent counter)? Perhaps nobody has just thought long enough about finding
one, and given the project is in the early stages, just using the RTC (which
"everyone has") was chosen as a quick placeholder for now?

-- 
With respect,
Roman
