Arturo Servin wrote:

>>> 3) A relying party thus requires a demonstration that is secure against a
>>> replay attack from one or more trusted parties to be assured that the time
>>> assertion presented is current but this need not necessarily be the same as
>>> the source of the signed time assertion itself.
>>
>>> The real design decision is who you decide you are going to rely on for
>>> (3). TLS is proof against replay attack due to the exchange of nonces.
>>
>> How can you get secure time to securely confirm that a certificate
>> of TLS has not expired?
>>
>> Use yet another PKI?

> No, you have your own clock.

No, you can't, because the original assumption by Jim is:

> 1) DNSSEC needs to have the time within one hour. But these
> devices do not have TOY clocks (and arguably, never will, nor
> even probably should ever have them).

Even if you can, you can't be sure that the clock is accurate
enough.

Thus, PKIs requiring time stamps for expiration or CRL are broken.

						Masataka Ohta
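As an added illustration (not part of the thread, and not anyone's message in it), the following Python contrasts the two freshness mechanisms the discussion is about: a clock-dependent validity window of the kind DNSSEC signatures and X.509 certificates carry, and a nonce-based challenge of the kind attributed to TLS above, which needs no local clock at all. The one-hour skew tolerance is taken from the quoted text; the timestamps, the record payload and the shared key are constructed, and an HMAC stands in for a real signature. The device-without-a-clock case is modelled as a clock reading epoch 0.

```python
# Added example, not code from the thread. Constructed values throughout;
# HMAC with a fixed demo key stands in for a signature.
import hashlib
import hmac
import os
from dataclasses import dataclass


@dataclass(frozen=True)
class SignedAssertion:
    """A signed statement carrying an RRSIG-style validity window."""
    inception: int    # seconds since the Unix epoch
    expiration: int
    payload: bytes


def within_window(assertion: SignedAssertion, now: int, skew: int = 3600) -> bool:
    """Clock-based check: accept only if the local clock lies inside the
    validity window, widened by an allowed skew (one hour, as in the thread).
    A device whose clock reads epoch 0, or that drifts beyond the skew,
    rejects a perfectly good signature; a clock set far ahead can also be
    made to accept an expired one, which is why the check is only as good
    as the clock behind it."""
    return assertion.inception - skew <= now <= assertion.expiration + skew


# --- nonce-based freshness: the verifier issues an unpredictable challenge ---

def new_nonce() -> bytes:
    """Verifier side: a challenge the prover must bind into its answer."""
    return os.urandom(16)


def respond(key: bytes, nonce: bytes, payload: bytes) -> bytes:
    """Prover side: bind the payload to this exact challenge."""
    return hmac.new(key, nonce + payload, hashlib.sha256).digest()


def verify_fresh(key: bytes, nonce: bytes, payload: bytes, tag: bytes,
                 outstanding: set) -> bool:
    """Accept only if the tag is valid for a nonce we issued and have not yet
    consumed. A replayed (nonce, tag) pair fails because the nonce is gone;
    no clock is consulted anywhere."""
    if nonce not in outstanding:
        return False
    if not hmac.compare_digest(tag, respond(key, nonce, payload)):
        return False
    outstanding.discard(nonce)
    return True


def demo() -> dict:
    """Run both checks over constructed inputs and return the outcomes."""
    assertion = SignedAssertion(inception=1_700_000_000,
                                expiration=1_700_003_600,
                                payload=b"example.test. A 192.0.2.1")
    results = {
        "clock_in_window": within_window(assertion, now=1_700_001_000),
        "clock_unset": within_window(assertion, now=0),           # no TOY clock
        "clock_far_ahead": within_window(assertion, now=1_700_003_600 + 7200),
    }

    key = b"constructed-demo-key"
    outstanding = set()
    nonce = new_nonce()
    outstanding.add(nonce)
    tag = respond(key, nonce, assertion.payload)
    results["nonce_first_use"] = verify_fresh(key, nonce, assertion.payload, tag, outstanding)
    results["nonce_replayed"] = verify_fresh(key, nonce, assertion.payload, tag, outstanding)
    results["nonce_wrong_payload"] = verify_fresh(key, nonce, b"tampered", tag, {nonce})
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accept' if ok else 'reject'}")
```

The clock-based check is the one the message says is broken on clockless devices: with `now=0` the signature is rejected outright, and nothing in the record can tell the verifier whether the clock or the signature is at fault. The nonce exchange has no such dependency, but it only proves that the peer answered this challenge now; it says nothing about whether a certificate or signature has expired, which is the gap the thread is arguing about.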