[retronet] WireGuard VPN keys…

Grant Taylor gtaylor at tnetconsulting.net
Wed Sep 12 09:57:20 MDT 2018


On 09/12/2018 03:54 AM, Michael Kjörling via retronet wrote:
> This sounds good. It also appears to me to have the side benefit that 
> if someone does screw up, at least nobody else is _directly_ affected, 
> no matter who does the screwing up.

Agreed.

I think it will be very difficult for a member to mess up badly enough to 
adversely affect the entire network.  They might be able to mess up and 
affect people that they are connected to that have also accepted 
connections from them.  Thus RetroNet Services might be in a somewhat 
unique position.  But we will take steps to minimize the risk.

> Even if a Service node gets compromised, this only allows an attacker 
> access to the baseband traffic of the VPN link, which can be encrypted 
> in its own right if desired (say, using TLS, or separately negotiated 
> encrypted tunnels within the VPN). I also find it unlikely that traffic 
> on RetroNet would be particularly sensitive in nature.

Agreed.

We have even talked about a VPN inside of the VPN for people that want a 
member to member connection without having to establish a VPN between 
themselves.  That way even the RetroNet Core team wouldn't be able to 
access the traffic.

I don't think there will be anything too sensitive in RetroNet.  That 
being said, I do want people to be able to run their email through it. 
So we may have some things that people would rather not get out.

> Sounds good, and is in line with at least my interpretation of RFC 7258 / 
> BCP 188.

$ReadingList++

I'll have to skim RFC 7258 to see if there are any other Best Current 
Practices that we should include.



-- 
Grant. . . .
unix || die
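As an added illustration of the "VPN inside of the VPN" idea discussed above (this is not the RetroNet project's configuration; every address, port, interface name and key placeholder here is an assumption), the two layers could look like this in WireGuard on one member's host. The outer tunnel terminates at RetroNet Services; the inner tunnel terminates at the other member and is carried as ordinary UDP across the outer one:

```ini
# --- Outer tunnel: member A <-> RetroNet Services (assumed: wg0, 10.0.0.0/24) ---
# /etc/wireguard/wg0.conf
[Interface]
PrivateKey = <member-A-outer-private-key>   # generated by member A, never shared
Address    = 10.0.0.2/24                    # assumed address handed out by Services
# default MTU 1420 (1500 minus 80 bytes WireGuard/UDP/IPv4 overhead)

[Peer]
PublicKey  = <RetroNet-Services-public-key> # published by the Core team
Endpoint   = services.example.net:51820     # assumed public endpoint
AllowedIPs = 10.0.0.0/24                    # only overlay traffic rides this tunnel
PersistentKeepalive = 25                    # keep NAT state alive so B can reach A

# --- Inner tunnel: member A <-> member B (assumed: wg1, 10.1.0.0/30) ---
# /etc/wireguard/wg1.conf
[Interface]
PrivateKey = <member-A-inner-private-key>   # second keypair; its public half goes to B directly
Address    = 10.1.0.1/30
ListenPort = 51821                          # listens on A's outer-tunnel address 10.0.0.2
MTU        = 1340                           # 1420 minus another 80 bytes of encapsulation

[Peer]
PublicKey  = <member-B-inner-public-key>    # obtained from B out of band, not via Services
Endpoint   = 10.0.0.3:51821                 # B's *outer-tunnel* address, reachable only via wg0
AllowedIPs = 10.1.0.2/32                    # the only thing that may come out of wg1
PersistentKeepalive = 25
```

Each keypair is made with `wg genkey | tee private.key | wg pubkey > public.key`; the inner public keys are exchanged member to member, so the Services node never holds anything that can decrypt wg1. What Services does still see is the metadata of the inner tunnel: that 10.0.0.2 and 10.0.0.3 exchange UDP on port 51821, how often, and in what packet sizes. The contents, including the inner handshake, are only WireGuard ciphertext from its point of view. The reduced MTU on wg1 is not optional: without it, full-size inner packets fragment or are dropped once wrapped twice, which typically shows up as TCP sessions that stall after the handshake.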
