Protocol needs to be written up in RFC form #810

Closed
coretemp opened this issue Jul 16, 2018 · 3 comments
Labels
Status: Backlog Older issues that are awaiting resolution

Comments

@coretemp

This is essentially a reopening of #34 in which @adamierymenko wrote:

Once out of beta, this will get done at some point.

I think it has been out of beta for quite some time and other than the heavily commented https://github.com/zerotier/ZeroTierOne/blob/master/node/Packet.hpp I was not able to find anything. I am quite happy to just operate with Packet.hpp, but this is certainly not the case for other people in our organisation.

@adamierymenko
Contributor

Yes it does. :)

@adamierymenko adamierymenko added the Status: Backlog Older issues that are awaiting resolution label Jul 16, 2018
@adamierymenko
Contributor

We've toyed around with things like GVSP: Global Virtual Switch Protocol.

There are three remaining issues that we'd like to address:

(1) We'll be introducing FIPS-certifiable crypto soon. The implementation for this might be closed source but it will be openly documented as part of the protocol. This is to support enterprise customers that require it. This is not necessarily stronger crypto, so people who don't require FIPS or other crypto certifications probably will not even care.

(2) We need forward secrecy. This will get implemented soon. We've been swamped with other concerns.

(3) The 'moons' thing needs to die in favor of something much simpler for federating VL1 infrastructure. VL2 (controllers) are of course already very easy to federate.

Once those things are put to bed we do want to do an RFC-style document, or maybe even an actual RFC.

@gdamore

gdamore commented Sep 23, 2018

FIPS is sometimes actually less secure than other options, but it is a known quantity and required checkmark for some customers. I can't imagine any reason to close source the crypto, since there are open source implementations for all of the NIST blessed algorithms.

Are moons going away? I've exposed them as a "property" in the NNG ZT transport, but maybe I should unexpose them?

A real RFC would make it easier for someone (like me!) to write an implementation in golang.
