Thomas Eizinger
Thomas Eizinger
Awesome! I was going to try and implement this but you beat me to it :)
Can we go the other way and instead remove the sha256? We'll probably have to send both in order to allow the portal to migrate but in general, I think...
I am not suggesting a (permanent) additional ID but to migrate `external_id` to the non-sha'd version.
Why? If we are sending the non-sha'd version, you can always apply the sha and check if that one is verified?
I don't understand what the complexity is here but we can also do it on the clients if it is too hard in the portal and migrate every existing Firezone...
> > surely adding a sha to the analytics reporters is simpler overall? > > It also adds a bit of privacy between the metadata that lives on the organization's...
> I don't understand what the complexity is here but we can also do it on the clients if it is too hard in the portal and migrate every existing...
Doing this properly requires Path MTU discovery. A basic version however can be done by checking the local interface.
Related: https://www.ietf.org/archive/id/draft-petithuguenin-tsvwg-stun-pmtud-01.html.
> Related: https://www.ietf.org/archive/id/draft-petithuguenin-tsvwg-stun-pmtud-01.html. Difficulty of this is integration with the ICMP layer. I wonder how QUIC does this.