Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
hachyderm.io is one of the many independent Mastodon servers you can use to participate in the fediverse.
Hachyderm is a safe space, LGBTQIA+ and BLM, primarily comprised of tech industry professionals world wide. Note that many non-user account types have restrictions - please see our About page.

Administered by:

Server stats:

9.4K
active users

hachyderm.io: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

Cassandrich

@dequbed @soatok Unless you're just using IPsec as a tunnel encapsulating layer, the reason it's "the wrong layer" is that applications have to know about it to use it, but they can only use it if they're on a system & network configuration that supports it. This is stupid, because applications don't want encryption at the network layer, they want it at the transport layer and possibly also application layer.

If you are just using it to encapsulate a tunnel, it's a less compatible, more stateful, more painful to setup version of wireguard.

Ultimately, encryption at the network layer is not something that benefits application privacy/security. It's just a way to bypass draconian firewalls and metadata harvesting.

Feb 18, 2025, 06:18 PM·Quiet public·Web
0boosts·1favorite
ExploreLive feeds
About