@eyedeekay
&eche|on
+R4SAS
+RN
+T3s|4
+acetone
+dr|z3d
+hottuna
+orignal
+postman
+weko
An0nm0n_
Arch
FreefallHeavens
Irc2PGuest19856
Irc2PGuest2827393
Irc2PGuest33877
Irc2PGuest34200
Irc2PGuest68850
Irc2PGuest82962
Leopold
Onn4l7h
Onn4|7h
ProRu
Sleepy
Soni
T3s|4_
Teeed
aargh3
b3t4f4c3__
eyedeekay_bnc
itsjustme
limak
not_bob_afk
polistern
profetikla
qend-irc2p
rapidash
tbqdrn
theglitch
w8rabbit
x74a6
zer0bitz
zzz3
SilicaRice
what prevents someone from leaking an encrypted LS?
dr|z3d
SilicaRice: nothing.
dr|z3d
what prevents someone from leaking a private ssh key?
SilicaRice
ohh
SilicaRice
so a combination of "friendship keys" (revokable per-client destination) with encrypted LS (revokable per-client leaseset) would be the ideal DDoS protection then, on the assumption that all clients are known?
dr|z3d
depends on your threat model. "ideal" is a movable feast.
SilicaRice
a malicious client could leak the leaseset, at which point you just nuke the destination. all the other clients would still be able to connect normally but any DDoSers wouldn't.