> How do you handle the do-before-thinking devs?

Isn't that exactly what tailscale is built to accommodate - zero trust?

You set up ACLs and other permissions to not allow people to do more than the damage you can tolerate.

Zerconf ≠ zero trust. The difference could not be more material in this context.

If both sides of your ssh tunnel (pub,private keys) are under your control, in theory, that's "zero trust".

Unless one considers the meta data such as src/dest IP are visible to Tailscale sw.

Right?

	▲	nickburns 3 hours ago \| parent [-]
		'Zero trust' has a technical definition that's not really relevant here. See: https://en.wikipedia.org/wiki/Zero_trust. The concept is separate from 'zero config' (https://en.wikipedia.org/wiki/Zero-configuration_networking), which Tailscale's low technical barrier to entry evokes.