Penguin
Diff: PerfectForwardSecrecy

Differences between current version and revision by previous author of PerfectForwardSecrecy.

Newer page: version 3 Last edited on Friday, December 5, 2003 8:32:27 pm by CraigBox
Older page: version 1 Last edited on Friday, June 20, 2003 11:22:44 am by PerryLorier
@@ -1,3 +1,12 @@
 The idea of an encrypted communication channel regularly changing it's key. Thus if one of the keys is ever compromised (for what ever reason), then the attacker can use that to read all future traffic, but not any older traffic. 
  
 Nifty no? 
+  
+[Apple|AppleCorporation]'s and [Microsoft|MicrosoftCorporation]'s [L2TP]/[IPSec] clients do not enable PFS. FreeSwan, on the other hand, enables PFS by default. (One could only speculate why PFS is not used by Apple and Microsoft as a default. Is it because of the <insert your favourite 3-letter government agency>?).  
+  
+Note that FreeS/WAN will use PFS when the client asks for it, even when pfs=no is specified in the FreeS/WAN configuration. FreeS/WAN will ignore the pfs=no for that particular client because PFS is more secure and if the client supports it, why not use it? If you set pfs=no, it allows you to connect with clients that are configured with or without PFS.  
+  
+See [ISAKMP].  
+  
+-----  
+CategorySecurity
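
Review bot: the added lines name the same project two ways, "FreeSwan" in the Apple/Microsoft paragraph and "FreeS/WAN" in the pfs=no paragraph; pick one spelling and bracket it like the other linked names so the page links consistently. In the same paragraph, the parenthetical speculating about a three-letter agency is not backed by anything else in the change and would be better dropped or replaced with a stated reason. The pfs=no paragraph would read more clearly if it said up front that pfs=no means PFS is not required rather than disabled, since that is what its later sentences describe. The unchanged first line still has "it's key" and says a compromised key lets the attacker read all future traffic, which is worth revisiting in the same edit now that the page argues PFS is the more secure setting.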