Thanks for your input, I guess I need to do a little more reading of the
James Yonan wrote:
A few thoughts:
* Generating a new static key, sending it over the tunnel, and using it as
basis to restart a new tunnel is more work and doesn't give you "perfect
forward security". SSL/TLS gives you dynamic keys + perfect forward security.
Openvpn-users mailing list