top | item 47064788

(no title)

madeofpalk | 11 days ago

> How do you handle the do-before-thinking devs?

Isn't that exactly what tailscale is built to accommodate - zero trust?

You set up ACLs and other permissions to not allow people to do more than the damage you can tolerate.

discuss

nickburns|11 days ago

Zerconf ≠ zero trust. The difference could not be more material in this context.

tonyplee|11 days ago

If both sides of your ssh tunnel (pub,private keys) are under your control, in theory, that's "zero trust".

Unless one considers the meta data such as src/dest IP are visible to Tailscale sw.

Right?