From: Giacomo Bernardi
Date: Tue, 22 May 2018 14:42:42 +0100
Subject: Key distribution and rotation tools?
To: wireguard@lists.zx2c4.com
List-Id: Development discussion of WireGuard

Hello list,

I am aware that WireGuard does not include a mechanism to distribute and rotate pre-shared secrets by design [1].

However, even discounting a full-blown PKI, in large deployments one needs to automate the generation/distribution/rotation of those pre-shared keys on endpoints.

I unsuccessfully scouted around for tools that would fit in this space; did I miss anything? Any suggestions?

Thanks!
Giacomo

[1] "All issues of key distribution and pushed configurations are out of scope of WireGuard; these are issues much better left for other layers, lest we end up with the bloat of IKE or OpenVPN." (https://www.wireguard.com/#conceptual-overview)

From: "Jason A. Donenfeld"
Date: Wed, 23 May 2018 00:01:26 +0200
Subject: Re: Key distribution and rotation tools?

The Mullvad people have this interesting repo:
https://github.com/mullvad/oqs-rs/tree/master/mullvad-wg-establish-psk

The idea is to run some slow and miserable post quantum key exchange over TCP from inside the wireguard tunnel, and then pop the result into the PSK slot on both ends.
It'd be interesting to see someone build something similar around the recently released libpqcrypto - https://libpqcrypto.org

From: "Jason A. Donenfeld"
Date: Wed, 23 May 2018 00:06:03 +0200
Subject: Re: Key distribution and rotation tools?

On Tue, May 22, 2018 at 3:42 PM, Giacomo Bernardi wrote:
> rotate pre-shared secrets by design [1].

Ahh, my apologies, I read "pre-shared" and assumed you were talking about PSK mode. But I think you're really interested in more general key distribution.

Some people are just doing this over TLS with basic rest APIs beforehand. Other people are distributing keys with their ansible deployments. Others are using pre-existing channels like SSH or LDAP. Some people think it's a nice idea to stick it in DNS with DNSSEC. There's a project out there called 'wireguard-p2p' that does this with a DHT.
Because the WireGuard CLI is pretty simple, it seems that different parties doing this tend to just use simple context-specific scripts for automating this, rather than forming a project that's reusable. To me, that seems like mostly a good thing -- our tools are basic enough that people don't need to run three gigabyte large enterprise java daemons to manage it. On the other hand, I'm sure we could all benefit from having some nice templated possibilities out there, either in contrib/examples/ or even as their own project. If anybody is interested in working on this kind of thing, get in touch!

From: David Woodhouse
Date: Wed, 23 May 2018 10:30:58 +0100
Subject: Re: Key distribution and rotation tools?

On Wed, 2018-05-23 at 00:06 +0200, Jason A. Donenfeld wrote:
> On Tue, May 22, 2018 at 3:42 PM, Giacomo Bernardi wrote:
> > rotate pre-shared secrets by design [1].
>
> Ahh, my apologies, I read "pre-shared" and assumed you were talking
> about PSK mode.
> But I think you're really interested in more general
> key distribution.
>
> Some people are just doing this over TLS with basic rest APIs
> beforehand.

If you have established a TLS session from A to B then you can just derive your PSK from the master secret of that TLS session.

That's exactly what the Cisco AnyConnect protocol does, for "upgrading" its HTTPS connection to DTLS. It first connects via HTTPS and does all the authentication and client configuration that way, and then establishes a UDP connection *if* it isn't prevented by stupid firewalls.

In OpenConnect we've already extended the UDP connectivity to support *standard* DTLS1.2 and saner ciphersuites like chacha20/poly1305, rather than Cisco's pre-v1.0 version of DTLS.

I'm toying with the idea of extending it to use WireGuard too. It seems like a good complement — WireGuard gives us a very efficient UDP transport with kernel acceleration, and what's left is all the bits that are explicitly out of scope for WireGuard — configuration and authentication and key exchange. It fills in all the gaps and turns WireGuard into the basis of a complete client VPN solution.

Is anyone interested in that?

From: Paul Hedderly
Date: Wed, 23 May 2018 12:37:21 +0100
Subject: Re: Key distribution and rotation tools?

On Wed, 2018-05-23 at 10:30 +0100, David Woodhouse wrote:
> On Wed, 2018-05-23 at 00:06 +0200, Jason A. Donenfeld wrote:
> > On Tue, May 22, 2018 at 3:42 PM, Giacomo Bernardi wrote:
> > > rotate pre-shared secrets by design [1].
> >
> > Ahh, my apologies, I read "pre-shared" and assumed you were talking
> > about PSK mode. But I think you're really interested in more general
> > key distribution.
> >
> > Some people are just doing this over TLS with basic rest APIs
> > beforehand.
>
> If you have established a TLS session from A to B then you can just
> derive your PSK from the master secret of that TLS session.
>
> That's exactly what the Cisco AnyConnect protocol does, for "upgrading"
> its HTTPS connection to DTLS. It first connects via HTTPS and does all
> the authentication and client configuration that way, and then
> establishes a UDP connection *if* it isn't prevented by stupid
> firewalls.
>
> In OpenConnect we've already extended the UDP connectivity to support
> *standard* DTLS1.2 and saner ciphersuites like chacha20/poly1305,
> rather than Cisco's pre-v1.0 version of DTLS.
>
> I'm toying with the idea of extending it to use WireGuard too. It seems
> like a good complement — WireGuard gives us a very efficient UDP
> transport with kernel acceleration, and what's left is all the bits
> that are explicitly out of scope for WireGuard — configuration and
> authentication and key exchange. It fills in all the gaps and turns
> WireGuard into the basis of a complete client VPN solution.
>
> Is anyone interested in that?

Very much so.... But I'm also interested after reading about a possible mash of WG and Tinc... the mesh over WG model would be awesome.