[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: time and date
-----BEGIN PGP SIGNED MESSAGE-----
At 10:46 AM 11/26/97 +0200, Camillo Sdrs wrote:
>It has been argued that sub-second precision is virtually the same as
>on-line checks. I claim it is not. Consider a (fictional) real-time
>process control system that uses SPKI certs to queue control jobs. The
>precision for some control actions may be in milliseconds. Applying such
>an action at the wrong point in time can be catastrophic.
These control functions might need microsecond or better precision. Yes?
As one person wrote to me, off the list, it will be a long time before he
has hardware capable of doing an RSA verification in a millisecond -- so are
we talking about the time when he starts the certificate verification
process or when he ends it?
I personally think that the process control example is far fetched. If I
were programming a process control application and I were forced to use
times, I would prepare a file of control commands, each timed, and then I
might sign the whole file with a properly empowered key. I just can't see
turning each file entry into a separate SPKI certificate.
I don't doubt that we could come up with some carefully orchestrated, timed
scenario -- down to almost any time resolution -- in which keys are
empowered or not -- but if a certificate fails to validate, the choreography
is destroyed. That suggests to me that it's not a real case. If a
non-valid certificate destroys the whole system, then these certificates
aren't independent statements.
My inclination is to stay with the current format unless/until I hear
a persuasive argument. Of course, we can always add the optional ".###"
to the end of a time and comparison still works. I don't even mind changing
the BNF for that. I just don't believe we've come up with any case for
needing such precision. I'm also not convinced that it's possible to sync
clocks. I know the time protocol claims to do that, but it assumes that the
one-way internet propagation time is 1/2 the round trip time, since it can
measure only the round trip time. To gross enough precision, that's
probably true. At fine precisions, I have no way of knowing.
- Carl
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.3
iQCVAwUBNIR3WRN3Wx8QwqUtAQH6yAP+ISg1Qkw+z92NCJpSlnJCW54IjsSRMBAR
0uj/K01BfK7aOGvWx4+cbzHXcwIhg7LSrbLawj67m0t/KDsTuOdGhtfORArXTgl8
vynHP2Bu/89R/+7rYUXQZ18hUegWAM4Ir8+Ac3UEibpJOHXNBg5MJbsedvEawgAT
zoBnIh3oDIY=
=iHth
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 08FF BA05 599B 49D2 23C6 6FFD 36BA D342 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
Follow-Ups:
References: