[nine_k]

For TLS, you need a roughly correct time; being many minutes off is usually acceptable. No need for GPS clocks and other such stuff.

Ideally your machine should have a functioning battety-backed RTC. The vast majority of larger machines do.

In a data center, DHCP or well-known local addresses should offer hard-to-spoof poiners to local NTP servers for bootstrapping.

I don't see a large problem here; a reasonable startup sequence that makes sure a correct time is set before attempting TLS connections should just work. DNS requiring TLS and thus a correct system time is slightly novel, so approaches ignoring it expectedly fail.

[RedShift1]

What do you do with embedded devices where the RTC battery has died? Replace the battery but you have no way to set the clock and the device won't connect to anything anymore because its clock is off, so just throw it away then? Doesn't sound environmentally friendly... And yes CR2032 batteries can last a long time but they can also fail, just a a month ago I had to replace one that was only a year old.

[nine_k]

Attach a com port, set the date correctly, since you came to replace the battery anyway :-/

Frankly, there is a balancing act between the desire for a device to work unattended for the longest time, and security implications of running an outdated or degraded device. Now that the RTC becomes more important, equip it with better batteries :(

[RedShift1]

You can't expect everyone to do that. Some devices don't have an UART hell some even don't have the pins soldered on to them.

[johannes1234321]

... and then you have consumers, who don't know what UART, serial port or whatever might be, but just want their "smart" appliance to work.