Comments (4)

jedisct1 avatar jedisct1 commented on May 20, 2024

Hi!

The state file is essentially a backup of the in-memory state. Keys are rotated in memory, then dumped to disk; the file is never loaded except at startup time.

So, if multiple instances share the same file, this is still not going to make them use the same ephemeral keys. Which is actually totally fine, if and only if a given client is always going to hit the same container.

Using a K8S secret the same way would have the same limitation.

But that can be fixed, and I have a plan for it, that is not going to require synchronization. Generate the ephemeral key pairs using a forward-only rolling state instead of them being completely non-deterministic. That way, assuming that the rotation interval is constant (8 hours, as you correctly found), any node can compute the current key pair from any previous state.
And this will still provide forward security, up to the previously known state.

This may require a few changes, but I'll look into it. Even beyond K8S, that can be very useful for people running multiple servers for load-balancing or failover.

from encrypted-dns-server.

mmack avatar mmack commented on May 20, 2024

So currently it's not possible to have multiple containers with the same sdns stamp, is that correct?

jedisct1 avatar jedisct1 commented on May 20, 2024

It is!

The stamp only includes long-term keys.

These long-term keys are used to sign short-term keys, that are rotated every 8 hours.

Multiple servers can have the same stamp. But since short-term keys are maintained by individual instances, if a client retrieves a certificate from a container, and then sends queries to a different container, shared keys won't match.

jedisct1 avatar jedisct1 commented on May 20, 2024

This still requires testing, but these changes have been made.

Now, you can start the server once just to create an initial state, then copy that state on as many nodes as you want, and they will all be computing the same ephemeral keys, without explicit synchronization.

The state file can be shared, or each node can have its own.

Still, the state file should not be read-only. Always starting from the original state would work, but the startup time is proportional to how old the previously saved state is.

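The forward-only rolling state described in this thread, as an added illustration rather than code from encrypted-dns-server: a SHA-256 hash chain advanced once per 8-hour period, with the ephemeral key seed derived from the current state under a separate label. The hash-chain and HMAC construction, the 32-byte state size and integer-second clocks are assumptions of this example, not details taken from the project.

```python
import hashlib
import hmac
import os
ROTATION_INTERVAL = 8 * 3600  # seconds; the 8-hour interval discussed above

def ratchet(state: bytes) -> bytes:
    """One-way step: state[n+1] = H(state[n]). A later state never reveals an
    earlier one, so forward security holds up to the last state an attacker got."""
    return hashlib.sha256(b"rolling-state" + state).digest()

def ephemeral_seed(state: bytes) -> bytes:
    """Derive the period's key-pair seed under a separate label, so a leaked
    seed does not expose the state it came from (label is a constructed value)."""
    return hmac.new(state, b"ephemeral-keypair-seed", hashlib.sha256).digest()

class RollingState:
    """Contents of the state file: (period index, state bytes). Every node that
    loads the same snapshot ratchets to the same state without coordination."""

    def __init__(self, period: int, state: bytes) -> None:
        self.period = period
        self.state = state

    @classmethod
    def fresh(cls, now: int) -> "RollingState":
        # The initial state is random; this is the only non-deterministic step.
        return cls(now // ROTATION_INTERVAL, os.urandom(32))

    def advance_to(self, now: int) -> int:
        """Ratchet forward to the period containing `now`; returns the step count.
        A stale snapshot needs many steps, which is why startup time grows with
        the age of a state file that is never rewritten."""
        target = now // ROTATION_INTERVAL
        if target < self.period:
            raise ValueError("clock is behind the saved state; cannot ratchet backwards")
        steps = target - self.period
        for _ in range(steps):
            self.state = ratchet(self.state)
        self.period = target
        return steps

    def current_seed(self, now: int) -> bytes:
        self.advance_to(now)
        return ephemeral_seed(self.state)

def nodes_agree(snapshot: RollingState, now_a: int, now_b: int) -> bool:
    """Two nodes boot from copies of one snapshot; seeds match iff same period."""
    a = RollingState(snapshot.period, snapshot.state)
    b = RollingState(snapshot.period, snapshot.state)
    return a.current_seed(now_a) == b.current_seed(now_b)
```

Two nodes given the same snapshot agree on the seed for any instant in the same period, while a node that started from its own fresh state never does, which is the mismatch described earlier in the thread.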
