Deterministic Cryptographically Authenticated Network Signatures on Windows NLA

[Matthias Urlichs]

On 02.07.19 22:47, Ivan Labáth wrote:
> while the idea of Deterministic Cryptographically Authenticated
> Network Signatures is commendable, what is the *purpose* of the
> network signature in Windows?

The network signature's purpose depends on your network policy. For some
it's a strict "this network requires that firewalling and access policy
and whatnot", for others it's a far more fluid concept.

Thus, if you're in the latter situation and you use some program that
changes your WG setup, that same program can associate the new signature
with the existing rules, assuming it has the rights to do so. Problem
solved.

-- 
-- Matthias Urlichs