Dave's Brain

Browse - tech opinion - opportunistic encryption

Date: 2012feb29
Posted: 2007dec24

Q.  What's the best way to make a VPN?

A.  I think the best hope for a VPN is not make a VPN (Virtual
Private Network) at all!  Every organization needs to interact with
outside entities.  At that point the VPN breaks down.
So use "Opportunistic Encryption" (OE).  In other words, set up your
servers/clients to encrypt where the other side can also.

I have instructions for many services here:
http://www.davekb.com/search.php?target=TLS

Another good idea is adding KEY records in DNS
to support Freeswan's opportunistic encryption. 

I suggest installing EFF's https-everywhere plugin for your browser:
https://www.eff.org/https-everywhere/

More info:
http://en.wikipedia.org/wiki/Opportunistic_encryption
What this info useful to you? You can donate to say thanks

Add a comment

Sign in to add a comment
Copyright © 2008-2012, dave - Code samples on Dave's Brain is licensed under the Creative Commons Attribution 2.5 License. However other material, including English text has all rights reserved.		Advertisements: