update roadmap

Also changed system time exposure link.
nervuri 2022-05-27 00:00:00 +00:00
parent 66c6af2f8c
commit ed080df734
1 changed files with 1 additions and 2 deletions

@ -3,7 +3,7 @@
This test:
* reflects the complete Client Hello message, preserving the order in which TLS parameters and extensions are sent;
* can be used to check for TLS privacy pitfalls ([session resumption](https://svs.informatik.uni-hamburg.de/publications/2018/2018-12-06-Sy-ACSAC-Tracking_Users_across_the_Web_via_TLS_Session_Resumption.pdf), [TLS fingerprinting](https://tlsfingerprint.io/), [system time exposure](https://datatracker.ietf.org/doc/html/rfc5246/#section-7.4.1.2));
* can be used to check for TLS privacy pitfalls ([session resumption](https://svs.informatik.uni-hamburg.de/publications/2018/2018-12-06-Sy-ACSAC-Tracking_Users_across_the_Web_via_TLS_Session_Resumption.pdf), [TLS fingerprinting](https://tlsfingerprint.io/), [system time exposure](https://datatracker.ietf.org/doc/html/draft-mathewson-no-gmtunixtime));
* supports both HTTP and [Gemini](https://gemini.circumlunar.space/) on the same port;
* is [free as in freedom](https://www.gnu.org/philosophy/free-sw.en.html) and trivial to self-host.
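Review bot: the replacement link for "system time exposure" in the privacy pitfalls bullet points at an Internet-Draft (draft-mathewson-no-gmtunixtime) with no revision pinned, while the roadmap further down still cites RFC 5246, section 7.4.1.2 for the same client random timestamp. The RFC section defines the field and the draft argues that it is a privacy problem, so consider linking both here, or at least using one reference consistently so readers do not end up with two different sources for the same issue.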
@ -20,7 +20,6 @@ See [INSTALL.md](INSTALL.md).
## Roadmap
* detect if client random begins with UNIX timestamp, as per [RFC 5246, section 7.4.1.2](https://datatracker.ietf.org/doc/html/rfc5246/#section-7.4.1.2)
* HTML & gemtext front-end
* documentation
* detect client vulnerability to session [prolongation attacks](https://svs.informatik.uni-hamburg.de/publications/2018/2018-12-06-Sy-ACSAC-Tracking_Users_across_the_Web_via_TLS_Session_Resumption.pdf#page=3)
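Review bot: the roadmap loses one entry in this hunk (`-20,7 +20,6`), and the commit message only says "update roadmap", so it is not clear whether that item was implemented or dropped. Name the item in the commit message, and if it is the client random UNIX timestamp detection that is now done, say so in the feature list above, which currently only states that the test "can be used to check" for system time exposure.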