snow: How To Use It

How To Use

(First install it.)

The interface to snow is essentially DNS. Once installed all you have to do is use key names like addresses. It should work for most existing applications that use DNS and IPv4 like web browsers, IRC, DNS, NFS, ssh, rsync, git, etc. Just use "xyz.key" instead of "example.com."

Application developers can also use snow to simplify their applications. If you write multi-user applications you can save yourself from having to do everything that snow does for you. See Application Development. Now you can write a multiplayer game or chat app or distributed CDN without having to touch NAT traversal or any of that other stuff. Just use keys where you would have used IP addresses.

The obvious drawback of using keys as names is they aren't pretty to look at, but we can do the same things we do to not have to look at IP addresses. The snow DNS resolver should do the right thing with DNS CNAME records that point to key names, so you can make some human-readable domain name ("foo.example.com") a CNAME for your key. However, realize that the security of DNS is on the wrong side of bad in most cases and is especially pernicious in this context. Future versions of snow may mitigate this by validating names with DNSSEC or DNSCurve or something like Convergence and using key pinning (think certificate pinning) but none of those are currently implemented.

You can also create local aliases for the keys you use on a regular basis, which is less scalable but generally more secure. Aliases can go in /etc/sdns/local.names one per line with the format "CNAME some.alias xyz.key". This is often useful for keys you get from other people in any of the usual ways in person or over an existing secure channel like HTTPS or PGP.

[snow] [How it works] [How to use it] [How to install it] [Advanced Configuration] [App Development] [Read the FAQ]