PSK support #983
Labels
Comments
Merged
|
Hopefully we are still looking into using noise. I think coming up with some PSK scheme should be doable. We don't need to go to TLS for this... |
|
The point is to avoid double encryption, which using TLS would allow us to do. If we do go to noise, it is very easy, as it has builtin PSK support.. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In order to have secure authentication for connections, and allow creating things like private networks, we need some form of pre shared key encryption support.
Using https://datatracker.ietf.org/doc/html/rfc8773 we should be able to add pre shared key support on a network level.
Before we can use this, we need support for this in rustls: rustls/rustls#174
Looking at the comments in the linked rustls issue, we might be able to use an even more rustls native approach. This needs more design & review of RFCs and implementation.s
The text was updated successfully, but these errors were encountered: