Why does time matter in web services?

Question

Why does time matter in web services?

In WCF web services (or all web services?), If client and server time is off, you get a security exception.

Can someone explain to me why this is?

Is it a pain if you are creating client server services and the time has to be accurate?

see: http://msdn.microsoft.com/en-us/library/aa738468.aspx

0

web-services

Blankman Dec 30. At 21:29

source to share

3 answers

I saw it too.

I guess it's protection. This will make it difficult to record and play messages and resend them to the service.

0

Arjan Einbu Dec 30. 09 at 21:36

source to share

Just use NTP on the server and client to keep their clocks in sync and you should be fine (if I'm missing something specific). NTP has servers all over the world and can run on both Unix and Windows. On Windows, this is even a system property, since at least WinXP times: check the Date and Time box on the Internet Time tab and enter any of the public NTP servers closest to you.

0

Gnudiff Dec 30. 09 at 10:35 pm

source to share

Darron · Accepted Answer · 2008-12-30T21:35:47+0000

I strongly suspect this should make replay attacks more severe. These are attacks where a legitimate request and / or response received by an attacker is resent at a later date.

Why does time matter in web services?

More articles: