#11425 NORM Not Tri: Need a secure field mechanism for setting RTC

Zarro Boogs per Child bugtracker at laptop.org
Wed Nov 9 14:33:05 EST 2011 

#11425: Need a secure field mechanism for setting RTC
-------------------------------------------+--------------------------------
           Reporter:  reuben               |       Owner:  reuben       
               Type:  enhancement          |      Status:  new          
           Priority:  normal               |   Milestone:  Not Triaged  
          Component:  ofw - open firmware  |     Version:  not specified
         Resolution:                       |    Keywords:               
        Next_action:  never set            |    Verified:  0            
Deployment_affected:                       |   Blockedby:               
           Blocking:                       |  
-------------------------------------------+--------------------------------
Changes (by wmb at firmworks.com):

  * owner:  wmb at firmworks.com => reuben


Comment:

 I hope we talking about a deployment with their own signing keys.  It is
 probably not a good idea for OLPC to sign a script that will force the
 date.

 The script would be:

 {{{
 \ OLPC Boot script to update RTC to a hardcoded time - e.g. 2011-11-9
 12:00:00
 decimal
 0 0 12  9 11 2011  " set-time" clock-node @ $call-method
 }}}

 Another alternative would be to use NTP.

 This recipe assumes that you have an open access point named MYAP, and
 either:

 a) A DHCP server that reports the IP address of an NTP time server

 b) A DNS server that resolves the name "time" to the IP address of an NTP
 time server

 c) An NTP server at the address 172.18.0.1

 or

 d) A router that allows access to one of 0.pool.ntp.org, 1.pool.ntp.org or
 2.pool.ntp.org

 {{{
 \ OLPC Boot script to set RTC via NTP
 essid MYAP
 ntp-set-clock
 }}}

 Instead of the specific wireless AP, you could plug in a USB ethernet
 adapter, in which case the recipe would reduce to:

 {{{
 \ OLPC Boot script to set RTC via NTP
 ntp-set-clock
 }}}

 The above reduced recipe would also apply if the AP SSID happened to be
 the OFW default "OLPCOFW".

 In the event that the default NTP search order "DHCP time 172.18.0.1
 0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org" is unacceptable, it can be
 overridden with, for example:

 {{{
 \ OLPC Boot script to set RTC via NTP
 : my-time-server  " 192.168.1.1"  ;  ' my-time-server to ntp-servers
 ntp-set-clock
 }}}

 I'm reassigning back to reuben to choose one of those recipes, or if none
 is acceptable, to provide additional guidance about other constraints.

-- 
Ticket URL: <http://dev.laptop.org/ticket/11425#comment:1>
One Laptop Per Child <http://laptop.org/>
OLPC bug tracking system

More information about the Bugs mailing list