Skip to content

Per host encryption

Pre-release
Pre-release
Compare
Choose a tag to compare
@supernomad supernomad released this 13 Feb 05:09
· 110 commits to develop since this release
0.13.0
This tag was signed with the committer’s verified signature.
supernomad Christian Saide
GPG key ID: CC6D01AA2A212308
Learn about vigilant mode.
b650610
This commit was signed with the committer’s verified signature.
supernomad Christian Saide
GPG key ID: CC6D01AA2A212308
Learn about vigilant mode.

This release brings a brand new feature which allows end users to choose individual servers that can accept un-encrypted communication. The feature is split into two different configuration options, which consist of a boolean flag and a list of trusted servers/subnets to accept traffic from.

The theory is as follows:

  • The destination server must have un-encrypted communication enabled.
  • The destination server must consider the source server as trusted.

The above allows for the ultimate in granularity over which servers can communicate in an un-encrypted fashion. While also guaranteeing security of the rest of the end-users servers.

Assets 2
Loading