Hacker News new | past | comments | ask | show | jobs | submit login

Do you know anyone who can say specifically what kind of security wireguard provides? Not the NoiseIK Wireguard IKE protocol proven secure stuff┬╣, but in practice, what can it be relied on to prevent and what does it not prevent?

For example, copying ECN bits was documented only after I bugged Jason about it. In the whitepaper it is mentioned 0 times.

I tried asking on the mailing list, but got nowhere.

┬╣ The protocol is the foundation. But just because an idealized part is proven secure under some assumptions, doesn't mean the whole is secure, implemented as described or suitable for a particular purpose.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact