vikarti.anatra/safing-web
1
0
Fork 0
mirror of https://github.com/safing/web synced 2025-09-01 10:39:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add SPN progress update text

Browse source
This commit is contained in:
davegson 2020-07-31 14:42:11 +02:00
parent bca66a12b2
commit c414ba66b5
1 changed files with 30 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
_posts/2020-07-31-progress-update-july.html
View file

@ -51,6 +51,36 @@ cards:
team:
- Daniel
- Patrick
progress:
- type: 'h3'
text: Three Major Refactors Made Us Slower But More Secure
- type: p
text: "Since our SPN proof of concept back in 2018, three major events resulted in making the final product more secure and stable, but also increased our workload:"
- type: ol
lis:
- the external code audit of our cryptographic library Jess by Cure53 gave valuable technical advice how to further tighten this aspect
- the decision to split the gossiping between network nodes into two levels of communication
- the Portmaster has matured a lot since its release back in April, resulting in a lot of code-refactors on the client side
- type: 'h3'
text: Code Audit By Cure53
- type: p
text: "Back in January we paid some of the best in the field to audit our cryptographic library. Their insight and expertise challenged us, in a very good way. The foundation was solid, but it was clear we improve things here and there. During these months, we could progress our cryptography library into what it is now. This module is complete, but also added workload to the timeline."
- type: a
text: View Cure53's audit report
- type: a
text: Inspect the code of Jess, our cryptography library
- type: 'h3'
text: Refactoring The Gossiping
- type: p
text: "Instead of sending all data from servers to clients, we decided to split the messages into a \"big message\" and a \"small message\". The big message is sent on setup and contains the servers public key and lots of meta-data. The small message contains the servers active links to other nodes and its most current ephemeral keys (for 0-RTT perfect forward & backward secrecy connections). The small message will communicate with clients regularly while the big message will be sent less frequent to prevent unnecessary communication. Naturally, this provided a big refactor and a delay in timeline."
- type: p
text: This module is nearly done as well, just a few polishes here and there as well as some more integrations are needed to wrap this up.
- type: a
text: View the Pull Request of this refactor
- type: 'h3'
text: "Last Piece of the Puzzle: Client Side Integration"
- type: p
text: "The Portmaster has matured a lot in the last few months, hence this also changed a few components which intercept and resolve network connections. This is the final module we are currently working on until the first testers can join the network. We are so close, but sadly not there yet. Expect the full SPN engine to start very shortly."
- title: Safing API
description:
- Enable you to sign in to your Safing account on the Portmaster client via the Safing API. Also respond with details regarding your SPN subscription.