Status of opportunistic encryption
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Wed May 31 21:47:06 EDT 2006
<auto37159 at hushmail.com> writes:
>I am also interested in Opportunistic Encryption. Even if it is not as
>secure as a manually configured VPN, I am willing to trade that for what it
>does provide. I have looked at setting up OpenSWAN in OE mode, but frankly
>it is daunting even for the reasonably geeky and far beyond any kind of mass
>implementation.
Grab OpenVPN (which is what OpenSWAN should be), install, point it at the
target system, and you have opportunistic encryption.
>Anytime I have recommended using STARTTLS to my sysadmin friends, they have
>always worried about breaking stuff and complained about needed expensive
>certs.
Why do you need expensive certs? It's opportunistic encryption, you generate
a self-signed cert on install and you're done.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list