> VPN as a service sounds wrong from security perspective, as you are giving away all the keys.
yes, that's the value proposition. storing keys securely isn't free. if your threat model makes you trust your vpn provider less than yourself, by all means do it yourself.
> These internal services that are annohnced are just... Services you can run on the Internet with TLS.
I don't want the internet to even know I'm running a service if I only run it for myself.
Admittedly I use it for home stuff only, not a business, but I can much more securely provide a service on my tailnet by leaning on Tailscale to handle it for me than I can myself, without a significant amount of effort. I want to leave securely deploying services at work, at work, and lower my administrative overhead at home.
For a lot of businesses of a certain size, I'm sure the math works out similarly.
yes, that's the value proposition. storing keys securely isn't free. if your threat model makes you trust your vpn provider less than yourself, by all means do it yourself.
> These internal services that are annohnced are just... Services you can run on the Internet with TLS.
I don't want the internet to even know I'm running a service if I only run it for myself.