I think the various comments are correct that Denning's scheme won't work across the Internet as it currently exists. Any network with latencies in the multiple milliseconds and up will allow the fraud where the remote node lies about its latency in order to allow it to move some of the received data "forward in time", which is necessary but would not be possible if latency were known and fixed. Note however that Denning did not mention the Internet in her spiel. I believe her method would be workable across lower latency networks, if such exist or eventually exist. Perhaps direct connections or leased lines would provide low enough latency; I don't know. In any case networks are likely to become faster in the future and her method might eventually work. Actually the issue is not just latency but whether the latency can be lied about, and for some kinds of networks that would be harder. The method of using authenticated devices which provide timestamped data from satellites not visible to the authenticating site does not need to provide that data in real time. Even if it is delayed so it comes in later than the data from the remote site, the verifying site can still use it to calculate what the remote site should have been seeing, and so get the benefit of using timings from all the satellites visible to the remote site (again, assuming the remote site itself has a low latency connection to the authenticating site). They do mention that in urban or other obstructed locations a partial view of the sky may be adequate. But of course if all the satellites visible to the remote site are in the south, it can move its apparently location north by using older data. So for the system to work there must be satellites visible in all parts of the sky (no line you can draw through your location which puts all satellites on one side of that line). Hal