OpenVPN and "SSL VPNs"

Stefan Mink mink at schlund.net
Fri Jan 7 07:59:14 EST 2005


Hi,

I already stumbled several times over OpenVPN but never
had the time to look at it in detail. Now I had but didn't
find many infos except "many lucky users" and few negative
outputs.

I have two open points:
a) It would be good to hear from this community if there
are any negative aspects of OpenVPN (vs. IPsec VPNs).
b) I still have a problem with the term "SSL/TLS VPN". What
OpenVPN seems to do is use SSL for authentication and
key exchange/rekeying, but does use "ESP similar"
data protection schemes/formats. Does the usage of
SSL on a "control plane" make OpenVPN an "SSL VPN"?
This sounds to me like calling something a car just
because it uses a steering wheel... So far I thought
about SSL VPNs as doing everything over SSL (with
the known disadvantages...).

    tschuess
              Stefan Mink
-- 
Stefan Mink, Schlund+Partner AG (AS 8560)
Primary key fingerprint: 389E 5DC9 751F A6EB B974  DC3F 7A1B CF62 F0D4 D2BA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20050107/ca31af07/attachment.pgp>


More information about the cryptography mailing list