On Tue, 18 Sep 2007 13:51:55 -0400 Valdis.Kletnieks@vt.edu wrote:
> On Tue, 18 Sep 2007 09:27:32 PDT, Bora Akyol said:
> > It is not dependent on time. You'd like a protocol to be self-sufficient if at all possible.
> > Moving the vulnerability of one protocol to another is not highly desirable in general.
>
> The interesting failure mode is, of course, what happens when you're not in time sync, so the routing protocol falls over - and due to the lack of routing table entries, you become unable to reach your timesource.

I've been talking with Xin offline, and raised that exact point. That said, in some security contexts there's little choice: you have to have some way to assure that a message is fresh. There are other choices in some environments, such as monotonically increasing counters and challenge/response protocols; depending on other decisions and the particular context, these may be worse or not even possible. For example, if someone several hops away from the origination needs to examine a signed *object*, a timestamp is probably better than a counter, and challenge/response isn't even possible. That doesn't make timestamps good -- and they do have many disadvantages -- but they may be the only choice.

--Steve Bellovin, http://www.cs.columbia.edu/~smb
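
The trade-off discussed in this thread, as an added example that is not part of the original messages: a timestamp lets a verifier with no per-sender state judge freshness but fails when its own clock is off, while a counter needs state the distant verifier may not have. The HMAC with a shared key stands in for a real signature, and the key, the 30-second window, the sample message and all names are constructed for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"   # constructed shared key, illustration only
MAX_AGE = 30                    # assumed freshness window, in seconds


def sign(payload: bytes, stamp: int) -> bytes:
    """MAC over the payload and its freshness field (timestamp or counter)."""
    return hmac.new(KEY, stamp.to_bytes(8, "big") + payload, hashlib.sha256).digest()


def check_timestamp(payload: bytes, stamp: int, tag: bytes, local_clock: int) -> str:
    """Stateless check: anyone holding the key and a clock can judge freshness."""
    if not hmac.compare_digest(tag, sign(payload, stamp)):
        return "bad-mac"
    if abs(local_clock - stamp) > MAX_AGE:
        return "stale"          # also the verdict when *our* clock is the wrong one
    return "ok"


class CounterVerifier:
    """Stateful check: needs the last counter value seen from this sender."""

    def __init__(self, last_seen=None):
        self.last_seen = last_seen  # None models a verifier several hops away

    def check(self, payload: bytes, counter: int, tag: bytes) -> str:
        if not hmac.compare_digest(tag, sign(payload, counter)):
            return "bad-mac"
        if self.last_seen is None:
            return "unknown"    # no baseline: a replay and a new object look alike
        if counter <= self.last_seen:
            return "replay"
        self.last_seen = counter
        return "ok"


def demo() -> dict:
    now = 1_190_137_915         # constructed "current time", epoch seconds
    msg = b"route update: 192.0.2.0/24 via 198.51.100.1"  # constructed message
    tag = sign(msg, now)
    return {
        "synced": check_timestamp(msg, now, tag, now + 2),
        "replayed_later": check_timestamp(msg, now, tag, now + 3600),
        "receiver_clock_off": check_timestamp(msg, now, tag, now - 3600),
        "counter_no_state": CounterVerifier().check(msg, 7, sign(msg, 7)),
        "counter_replay": CounterVerifier(last_seen=7).check(msg, 7, sign(msg, 7)),
    }
```

The `receiver_clock_off` case is the failure mode raised in the thread: a genuine, fresh message is rejected as stale because the verifier has lost time sync.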