PMTU Discovery Security Concerns
Jason A. Donenfeld
Jason at zx2c4.com
Sun Apr 15 17:47:17 CEST 2018
On Sun, Apr 15, 2018 at 5:45 PM, Ryan Whelan <rcwhelan at gmail.com> wrote:
> I don't have an actual fix; but is something that could have a switch that
> could be configured per interface? I know knobs and controls aren't really
> desirable, but if Off by default, it would encourage those turning it on to
> understand what they're exposing.
Knobs with a security impact? Sounds like a foot-gun disaster, and
something we've always tried to avoid here. I'm interested more in
seeing whether there's a secure way to do the right thing all of the
time.
More information about the WireGuard
mailing list