-->
Page 1 of 1

using NTP server for time validation of certificate

PostPosted: Thu Apr 04, 2019 7:31 am
by whyameye
The BearSSL_Validation example shows a certificate from a server validated in part by confirming the certificate's dates for validation are consistent with the time as verified by an NTP server. But how do we validate the NTP server itself? Couldn't a fake NTP server be giving us an invalid date so that an expired certificate doesn't appear expired to us?