Artwork

Inhalt bereitgestellt von CCC media team. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von CCC media team oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.
Player FM - Podcast-App
Gehen Sie mit der App Player FM offline!

Matrix French gov deployment: opening a private federation securely (matrix-conf-2025)

22:05
 
Teilen
 

Manage episode 514249987 series 1910928
Inhalt bereitgestellt von CCC media team. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von CCC media team oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.
The French government has deployed a private Matrix federation for French civil servants called Tchap. Currently this federation has about 300 000 monthly active users and its usage is growing constantly. Today our federation is closed and we would like to be able to connect with other public French Matrix nodes (local authorities for instance), and also other European countries. We should implement measures to ensure that the federation remains resilient against potential attacks, both technical (e.g., DDoS, data interception) and organizational (e.g., unauthorized access, insider threats) : - How can we restrict the servers we wish to communicate with? How can we be sure that we are actually communicating with them? Since TLS can be vulnerable to man-in-the-middle attacks by state actors, we can't rely on it entirely. - How can we trust the identities of users from external deployments that we don’t control? - How can we limit the interactions that external users can have with users from our federation? We spent a lot of time thinking about this and now have a plan that looks legit, and that we are currently implementing. I'm sure you want to know more about it, right? In this talk, we will share the approach we’ve taken to address these challenges and we will present the architecture we designed. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://cfp.2025.matrix.org/matrix-conf-2025/talk/WWAVBQ/
  continue reading

1750 Episoden

Artwork
iconTeilen
 
Manage episode 514249987 series 1910928
Inhalt bereitgestellt von CCC media team. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von CCC media team oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.
The French government has deployed a private Matrix federation for French civil servants called Tchap. Currently this federation has about 300 000 monthly active users and its usage is growing constantly. Today our federation is closed and we would like to be able to connect with other public French Matrix nodes (local authorities for instance), and also other European countries. We should implement measures to ensure that the federation remains resilient against potential attacks, both technical (e.g., DDoS, data interception) and organizational (e.g., unauthorized access, insider threats) : - How can we restrict the servers we wish to communicate with? How can we be sure that we are actually communicating with them? Since TLS can be vulnerable to man-in-the-middle attacks by state actors, we can't rely on it entirely. - How can we trust the identities of users from external deployments that we don’t control? - How can we limit the interactions that external users can have with users from our federation? We spent a lot of time thinking about this and now have a plan that looks legit, and that we are currently implementing. I'm sure you want to know more about it, right? In this talk, we will share the approach we’ve taken to address these challenges and we will present the architecture we designed. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://cfp.2025.matrix.org/matrix-conf-2025/talk/WWAVBQ/
  continue reading

1750 Episoden

Alle Folgen

×
 
Loading …

Willkommen auf Player FM!

Player FM scannt gerade das Web nach Podcasts mit hoher Qualität, die du genießen kannst. Es ist die beste Podcast-App und funktioniert auf Android, iPhone und im Web. Melde dich an, um Abos geräteübergreifend zu synchronisieren.

 

Kurzanleitung

Hören Sie sich diese Show an, während Sie die Gegend erkunden
Abspielen