Tailnet Lock is generally available

Tailnet Lock is now generally available, offering a Trust On First Use (TOFU) model to ensure security for users of Tailscale's networking solutions by allowing administrators to control node access with admin-controlled keys before granting network connectivity. Tailnet Lock enhances security by enabling users to move Tailscale’s coordination server out of their center of trust, thus reducing potential risks associated with Tailscale acting as a threat actor. It employs a cryptographically verifiable chain to manage node signing and includes safeguards to prevent accidental removal of all signing nodes. New features such as webhook events have been introduced to facilitate automation and alerting for node signing processes, and users can maintain privacy by holding onto their disablement secrets, with the option to share them with Tailscale for support if desired. Tailnet Lock is suitable for various users, from startups to enterprises, who seek to maintain control over their network's trust boundaries, with options for self-hosting or using Tailscale’s SaaS model for additional benefits.