Protection against rogue time-changes (use integrity protecting time protocol)

[rugk]

It would be very good to have some protection against time-change attacks (e.g. important for 2FA/TOTP, HSTS and HPKP and HTTPS certs in general).

I would encourage you to use tlsdate by @ioerror: https://github.com/ioerror/tlsdate/

[thestinger]

Google appears to be adopting tlsdate upstream: https://android.googlesource.com/platform/external/tlsdate/. It's possible that it will be part of 7.0. So it wouldn't be a great thing to work on in CopperheadOS since it seems to be happening already.

[thestinger]

Google appears to be adopting tlsdate upstream: https://android.googlesource.com/platform/external/tlsdate/. It's possible that it will be part of 7.0. So it wouldn't be a great thing to work on in CopperheadOS since it seems to be happening already.

[thestinger]

They never ended up using tlsdate for mobile, only Android Things uses it for now. I'll keep trying to get this done upstream just like DNS over TLS because they do want to do that kind of thing.

[thestinger]

They never ended up using tlsdate for mobile, only Android Things uses it for now. I'll keep trying to get this done upstream just like DNS over TLS because they do want to do that kind of thing.