Wishlist - freifunk-gluon/gluon GitHub Wiki
Config-Mode
Use status page design
It is much cleaner and modern and we could offer a more streamlined experience that way.
Hostname
Provide a hostname where the config mode can be reached. This hostname should be resolvable through the router when in config mode. Possibly through mDNS.
IPv6-only
So we can drop the DHCP daemon. Instead:
- Announce prefix via radv,
Blocked by:
- Windows 7/8 lacking proper RADV support
DNS-Resolver
Caching Resolver with DNSSEC-Support
https://github.com/freifunk-gluon/gluon/issues/1362
DNS-over-TLS Support
Android 9 adds built-in support for DNS over TLS, automatically upgrading DNS queries to TLS if a network's DNS server supports it.
https://android-developers.googleblog.com/2018/08/introducing-android-9-pie.html
- offer TLS (using which pki?) on port 853
- encrypt communication with forwarding resolvers (trusted root?)
Examples
unbound + odhcpd (https://blog.cloudflare.com/dns-over-tls-for-openwrt/)
SSH Daemon
ed25519 support
Most sought-after SSH keypair support, likely out of reach with dropbear.
WiFi
Advertise informational fields of 802.11u
Hostapd has support for some fields that could prove useful.
https://ruckus-www.s3.amazonaws.com/pdf/wp/wp-how-interworking-works.pdf
Opportunistic Wireless Encryption
Mitigate client exposure to simple sniffing attacks.
- Requires another VAP during the transitional period.