* Eugene V. Lyubimkin: > Florian Weimer wrote: >> And if Valid-Until is only checked against the real-time clock, the >> attacker can still feed bad data over NTP, so it's not even a complete >> defense. 8-( > > However, it seems there is no better solution, or is there? A counter in the style of a Lamport clock should work, or checking that the Valid-Until header does not recede in time.