[Standards-JIG] Re: UPDATED: JEP-0027 (Current Jabber OpenPGP Usa ge)

Justin Karneges justin-keyword-jabber.093179 at affinix.com
Tue Mar 16 08:11:40 UTC 2004

On Monday 15 March 2004 9:44 pm, Jesper Krogh wrote:
> Sure, but that's not the way it works for my mother who's computer is on
> a dialup and a hardware-clock that goes crazy. (This is a real
> situation)

Maybe the client could use a jabber:iq:time query on the server for clock sync 
purposes.  If the remote time is "close enough" to the local time, then the 
client can proceed as normal.  Otherwise, the client can display an easily 
understandable warning message, such as:

"According to the Jabber server, your computer's clock is incorrect.  Please 
ensure your clock is set correctly to ensure proper functioning of Jabber.  
If you are certain your clock is set properly despite receiving this warning, 
please inform your Jabber server administrator, as this may be an indication 
that the server's clock is skewed."

Of course, this verification won't work properly if both the server and client 
clocks were wrong (and wrong in the same way), but this would be a very 
unlikely scenario.

We could increase the "window of opportunity" and acceptable server clock skew 
from 10 minutes to 2 hours, which should cover even the worst clock trouble, 
including off-by-one daylight savings problems.

This thread is good reading:

On a related note, clients like Psi do UTC->localtime transformations to all 
timestamps received, so ensuring the local clock is accurate is probably a 
good idea anyway, even for non-secure activity.


More information about the Standards mailing list