WHY does clock-back cure login? Suggests it's deliberate

Coupled with the fact that without this cludge the login server rejects us instantly and without hesitation, it suggests to me that something very deliberate is going on.

ie, that we are not being rejected because our logins are being attempted, and failing, (surely that would take longer) but because some sort of overload switch has been deliberately thrown in the login server to reject us without bothering to try, based on some clock calculation.

Like how long since we last tried to log on?

If our clock is sufficiently different from last time we tried, we are instantly acceptable. Maybe it cant tell plus from minus, and thinks we last tried 24hrs ago?

This doesnt seem an entirely logical explanation, but maybe its on the right track? A deliberate, selective, time-based rejection mechanism ?

If so, I think we should be told. Particularly since we have now caught on, rendering it useless for its intended purpose. Well, only for those who read the forum, I suppose.

I gotta sleep, why dont the rest of you do some detective experiments with different clock settings ? Or is it too late ? Is it switched off ?

It is not deliberate. It has nothing to do with how long since you last logged in, and everything to do with an expired certificate.

They're doing their best to get it fixed asap.

Not that that helps when you're frustrated and what to log in.

An expired certificate ?
Could you explain a bit more please nikki, and why the clock kludge works?
How do you know this ?

I like to know exactly how and why I'm suffering. A foible of mine.

Alright. Here's a simple version that isn't totally and precisely technically correct, but it's close enough for non-geeks.

Your connection to SL is a fairly standard one, as connections over the Internet go. A secure, encrypted connection usually requires that you check a keycode, or "certificate", with one of several central authorities in order to verify that you're really connecting to who you ought to be.

For security reasons, these certificates expire at a certain time. For some reason, the certificate used by the LL servers expired and has not been renewed, which means unless you fool it into thinking it's the 19th, the connection is automatically refused as the verification fails. Or your computer is unable to verify the certificate for other reasons.

I know this primarily because, when I had problems with this some time ago, Lee Linden gave me the following answer:




Since everyone's date (or at least, the vast majority) was correct, and it had to be set to the PAST for logins to function, this indicates to me that the certificate had in fact, expired. Because, if the login works and your connection can be authenticated by setting your clock to the past - then the certificate was valid UP UNTIL yesterday.

Of course - it's just the way my mind worked it out via what I percieve as logic. I could be WAY wrong - and maybe the certificate IS NOT expired, but everyone's client THINKS it is.

I don't think it's any devious plot on the Lindens' part to keep us all out of SL - and/or piss us off.

I was never suggesting that any deliberateness was malicious or to piss us off. Maybe an attempt at an automatic process to share login opportunities around more fairly, which was perhaps misfiring.

The certificate thing does seem more likely, but isn't it a security weakness in the whole certificate system to take the clients clock on trust, whatever it says ? Odd.

More to the point, if it IS just an expired certificate, could we ask the Lindens to please stop failing to update it ? This exact same thing has happened on numerous occasions before.