

I used to run pfSense (pretty much the same as OPNsense) and really liked it, but moved over to Ubiquiti in the last year or so. Here’s my 2 cents…
Go with Ubiquiti if you want a single unified interface for managing all your devices. You’ll have “soft vendor lock-in”: their kit will work just fine with a mix of hardware, but it’s best if everything is Ubiquiti.
Go with OPNsense if you want complete flexibility in the kit you’re using. I feel like I had more fine-grained control with pfSense than I do with Ubiquiti, but I think that’s a symptom of the UI/UX rather than the features.
You can do the same stuff with both options. I’m very happy with my Ubiquiti setup; I don’t see myself changing anything anytime soon.
I appreciate you taking the time to implement this and answering some questions! I have a follow-up question: what’s the benefit of using asymmetric encryption here? You’re not signing the message (you probably should imo) and you don’t appear to support sharing encrypted notes (i.e. a user provides one or more additional public keys that a note is encrypted for). You’re basically doing symmetric encryption with the pain of key management.
It’d be simpler (from a user and code perspective) to use symmetric encryption (something like aes-256-gcm or ChaCha20-Poly1305, for example) and use key wrapping to avoid encrypting user data directly, and you’d have stronger crypto as a result.
You’re right that PGP is a valid encryption method, but it’s not very popular in the modern day because it’s very hard to get right. Latacora has a great post on the PGP Problem and the Soatok blogs that u/litchralee linked are well worth a read too.
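
The key-wrapping layout suggested in the comment above, sketched with Node's built-in `crypto` module. This is an added example, not code from the thread or from the project under discussion; the function names, record fields, blob layout and scrypt parameters are all assumptions made for illustration.

```javascript
// Added example: envelope encryption for notes. All names here are hypothetical.
const { randomBytes, scryptSync, createCipheriv, createDecipheriv } = require('node:crypto');

// Associated data ties a blob to its role and note, so it cannot be swapped elsewhere.
const aad = (role, noteId) => Buffer.from(`${role}:${noteId}`, 'utf8');

// AES-256-GCM with a random 96-bit nonce. Output layout: nonce(12) || tag(16) || ciphertext.
function seal(key, plaintext, ad) {
  const nonce = randomBytes(12);
  const cipher = createCipheriv('aes-256-gcm', key, nonce);
  cipher.setAAD(ad);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), ct]);
}

// Throws if the key, the associated data or any byte of the blob is wrong.
function unseal(key, blob, ad) {
  const d = createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12), { authTagLength: 16 });
  d.setAAD(ad);
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Key-encryption key (KEK) from the user's passphrase. Cost parameters are constructed
// for the example; tune them for the target hardware.
function deriveKek(passphrase, salt) {
  return scryptSync(passphrase, salt, 32, { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 });
}

// Each note gets its own random data key (DEK); only the DEK is encrypted under the KEK.
function encryptNote(kek, noteId, text) {
  const dek = randomBytes(32);
  return {
    noteId,
    wrappedDek: seal(kek, dek, aad('dek', noteId)),
    body: seal(dek, Buffer.from(text, 'utf8'), aad('note', noteId)),
  };
}

function decryptNote(kek, rec) {
  const dek = unseal(kek, rec.wrappedDek, aad('dek', rec.noteId));
  return unseal(dek, rec.body, aad('note', rec.noteId)).toString('utf8');
}

// Passphrase change: re-wrap the 32-byte DEK; the note body is not re-encrypted.
function rewrapNote(oldKek, newKek, rec) {
  const dek = unseal(oldKek, rec.wrappedDek, aad('dek', rec.noteId));
  return { ...rec, wrappedDek: seal(newKek, dek, aad('dek', rec.noteId)) };
}
```

The scrypt salt is stored in the clear next to the records, and the GCM tag provides integrity against tampering, though not proof of who wrote the note.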