
655 points louis-paul | 1 comments
littlecranky67 No.43629616
Still can't wrap my head around the fact that TS does not allow you to sign up with your custom email/password combination but forces you to use big tech (GitHub, Apple, Meta etc.) to log in. Running your custom OIDC provider as a small, private person does not make any sense either.
dijit No.43629788
I think that's quite smart, and OIDC is an open standard at least.

Securing usernames/passwords and handling second factors etc. is already done so well, and it's hard to do.

Having a clear 'this is where we can be secure' stance is what makes me want to trust them more.

lo0dot0 No.43630731
Why is that smart? I signed up for a Microsoft Account with my email and I can use Microsoft Account to log in to Tailscale but I can't use the email directly? How does the middleman bring anything to the table?
dijit No.43631327
Because then Tailscale doesn’t store a username and password for you, so unless Microsoft is hacked you won’t be, theoretically.
littlecranky67 No.43641572
If I have to spin up a Keycloak instance (you forgot to say on a public-facing data center that runs 24/7) to use a single service I would usually sign up for with an email and password, I might as well spin up my private VPN server.
1. dijit No.43641648
Yep!

Or use a login system you already have.