"Let's parasitically pool TLS resources into a single location!"

ntp has pool.ntp.org, which currently hosts around 3000 machines.
tlsdate has only the wild internet's pool of TLS/SSL machines.

It is believed that there are around 185,000 reasonable SSL/TLS servers in the
genepool that is the internet.

To discover the relevant systems in the genepool we will conduct scans and
collect data on SSL/TLS services for the entire internet. When a server is
discovered and it is confirmed to have a reasonably accurate clock, we will
store it in the genepool list.

The genepool list will first be a text file included with tlsdate, and tlsdate
will have an option to use the local genepool; it will randomly select an entry
from the list and use it for timing information.

The genepool list will be in the following CSV format:

    hostname,port,last known IP address, protocol

Currently, the default protocol is TLSv1 unless otherwise specified. The
protocol field may contain sslv2, sslv3, tlsv1, tlsv1.1, tlsv1.2, xmpp, pop3,
imap and other STARTTLS-enabled protocols.

Eventually, we propose that a simple DNS query interface located at
genepool.tlsdate.net should return random entries from the genepool list. It
should only host records of machines that have correct timing information in
their SSL/TLS handshakes. The data returned will optionally be a TXT record
containing a line from a regularly updated genepool cache file or an A/AAAA
record for the host.
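A parser for the genepool CSV format described above, added here as an example and not tlsdate's own code: it splits a line into the four fields, trims surrounding whitespace, falls back to tlsv1 when the protocol field is absent or empty, and rejects lines with a missing hostname or an invalid port. The struct and function names are assumptions.

```c
/* Added example (not tlsdate code): parse one genepool CSV line into a struct. */
#include <stdlib.h>
#include <string.h>

struct genepool_entry {
    char hostname[64];
    int  port;
    char last_ip[64];
    char protocol[16];   /* "tlsv1" when the fourth field is absent or empty */
};

static int is_blank(char c) { return c == ' ' || c == '\t' || c == '\r' || c == '\n'; }

/* Copy src[0..len) into dst, dropping surrounding blanks and line endings. */
static void copy_trimmed(char *dst, size_t dstsz, const char *src, size_t len)
{
    while (len > 0 && is_blank(*src)) { src++; len--; }
    while (len > 0 && is_blank(src[len - 1])) len--;
    if (len >= dstsz) len = dstsz - 1;          /* truncate oversize fields */
    memcpy(dst, src, len);
    dst[len] = '\0';
}

/* Returns 1 and fills *e on success; 0 if the line has fewer than three
 * fields, an empty hostname, or a port outside 1..65535. */
int genepool_parse_line(const char *line, struct genepool_entry *e)
{
    const char *start[4], *p = line;
    size_t len[4];
    int n = 0;
    for (;;) {                                  /* split on the first 3 commas */
        const char *comma = strchr(p, ',');
        start[n] = p;
        len[n] = comma ? (size_t)(comma - p) : strlen(p);
        if (++n == 4 || !comma) break;
        p = comma + 1;
    }
    if (n < 3) return 0;
    char portbuf[8];
    copy_trimmed(e->hostname, sizeof e->hostname, start[0], len[0]);
    copy_trimmed(portbuf, sizeof portbuf, start[1], len[1]);
    copy_trimmed(e->last_ip, sizeof e->last_ip, start[2], len[2]);
    e->protocol[0] = '\0';
    if (n == 4) copy_trimmed(e->protocol, sizeof e->protocol, start[3], len[3]);
    if (e->protocol[0] == '\0') strcpy(e->protocol, "tlsv1");
    char *end; long port = strtol(portbuf, &end, 10);
    if (portbuf[0] == '\0' || *end != '\0' || port < 1 || port > 65535) return 0;
    e->port = (int)port;
    return e->hostname[0] != '\0';
}
```

Malformed lines are rejected rather than guessed at, so a corrupted or tampered genepool file cannot steer tlsdate to an unintended host or port.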