The client contains our most sophisticated code. It's also the most important from a trust perspective, it is responsible for securing your data, our servers cannot see anything of yours because of the client. So it's vital the important parts of it are open source.

That said, I'd like to open source a server. We need a reference implementation of our control protocol so it can be properly analyzed by security experts. Not sure what form that should take yet, but I'd like it to be usable.

It is, admittedly, impossible for me to be unbiased in this discussion (coauthor of Nebula, hi), but I strongly disagree that your client code is your most important component, from a trust perspective.

Your coordination server tells every node about every other node and distributes the keys for the entire network. Everything on a tailscale network implicitly trusts your coordination service.

If an individual client is compromised, code or otherwise, the effect is more limited than your coordination service being compromised, in which case the entire system's trust is broken.

hi crawshaw, I've started playing with Tailscale as potential alternative for how we're using LISP in Project EVE (Edge Computing Mesh Network usecase) and was wondering whether there's any way today to make Linux clients negotiate (even if through a manual process without) going through your control plane?