On Sun, Jul 13, 2008 at 02:13:08AM +0200, Franklin PIAT wrote:
If we also consider the fact that the computer local time might be wrong (hwclock bug + a ntp man-in-the-middle...), re-signing the files doesn't help either [in this very specific case].
I think that your average user would notice if the time were wrong. Even if the user isn't in an environment that is time-sensitive (e.g. a network using Kerberos), most people would wonder what happened if their computer's time were suddenly several days off. I think the much more likely case is that the time is accidentally incorrect, such as when a new machine is first installed. That may affect the installation of ntp itself, perhaps. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 713 440 7475 | http://crustytoothpaste.ath.cx/~bmc | My opinion only troff on top of XML: http://crustytoothpaste.ath.cx/~bmc/code/thwack OpenPGP: RSA v4 4096b 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
Description: Digital signature