TLS is the most secure option to connect the nodes, and now it got even better with that password feature, which probably makes it impossible to MITM a Yggdrasil connection to the node (I know it's encrypted end2end, but an attacker on the ISP side can at least fuck up the connection and routes like that).
But I'm really missing a socks option for TLS. For some reason the Yggdrasil socks option can only work with TCP, and sometimes it's pretty convenient to add a bunch of other gateways this way.
Nothing urgent here, but I just wonder why socks+tls doesn't exist; it's still TCP and can be wrapped into socks the same way. QUIC, on the other hand, would be tricky to route over socks (with all those UDP bind tricks), but TLS is supposed to be pretty trivial.
Btw: if you implement socks+QUIC via UDP bind it should be even faster, because UDP bind is just userspace port forwarding and causes zero processing lag compared to TCP via socks, which endures encapsulation and routing overheads inside the socks server. OpenVPN was able to do udpbind via socks and it was pretty much fast, not distinguishable from a direct UDP connection.
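An added illustration of the layering the post asks for (not part of the original post and not Yggdrasil's code): a no-auth SOCKS5 CONNECT per RFC 1928, after which a TLS client is wrapped around the same connection, so the proxy only relays ciphertext. The function name `tlsViaSocks5`, the proxy address `127.0.0.1:1080` and the host `peer.example` are hypothetical placeholders.

```go
package main

import (
	"crypto/tls"
	"errors"
	"fmt"
	"io"
	"net"
)

// tlsViaSocks5 does a no-auth SOCKS5 CONNECT (RFC 1928) over c, then wraps c in TLS.
func tlsViaSocks5(c net.Conn, host string, port uint16, cfg *tls.Config) (*tls.Conn, error) {
	if len(host) == 0 || len(host) > 255 {
		return nil, errors.New("socks5: bad host length")
	}
	xchg := func(out, in []byte) error { // send one message, read a fixed-size answer
		if _, err := c.Write(out); err != nil {
			return err
		}
		_, err := io.ReadFull(c, in)
		return err
	}
	buf := make([]byte, 4)
	if err := xchg([]byte{5, 1, 0}, buf[:2]); err != nil { // VER=5, offer method 0 (no auth)
		return nil, err
	}
	if buf[0] != 5 || buf[1] != 0 {
		return nil, errors.New("socks5: no-auth method refused")
	}
	req := append([]byte{5, 1, 0, 3, byte(len(host))}, host...) // VER, CONNECT, RSV, ATYP=domain
	if err := xchg(append(req, byte(port>>8), byte(port)), buf); err != nil { // reply: VER REP RSV ATYP
		return nil, err
	}
	n := map[byte]int{1: 4, 4: 16}[buf[3]] // BND.ADDR size; IPv4/IPv6 only here
	if buf[1] != 0 || n == 0 {
		return nil, fmt.Errorf("socks5: CONNECT failed, REP=%d ATYP=%d", buf[1], buf[3])
	}
	if _, err := io.ReadFull(c, make([]byte, n+2)); err != nil { // drain BND.ADDR+PORT
		return nil, err
	}
	return tls.Client(c, cfg), nil // TLS handshake runs on first Read/Write
}

func main() { // 127.0.0.1:1080 and peer.example are placeholders, not real endpoints
	if c, err := net.Dial("tcp", "127.0.0.1:1080"); err == nil {
		_, err = tlsViaSocks5(c, "peer.example", 443, &tls.Config{ServerName: "peer.example"})
		fmt.Println("CONNECT result:", err)
	}
}
```

Certificate verification still happens inside the tunnel against `ServerName`, so the SOCKS server is in the same position as any other on-path relay.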