On Sun, 31 Aug 2003, James Yonan wrote: > I'm thinking about something like this in a more generalized context, where > OpenVPN running as a server would actually generate the config file for the > client, and send it to the client via SSL after an initial authentication > handshake. This would simplify the configuration on the client side, and > allow the server to send routes back to the client.
I wonder if this could be extended to a general configuration handshake, where the client could opt out of some options, for example LZO compression or tun vs. tap. (One should think the client would always want to compress data to avoid redundancy-based or "known-plaintext" attacks on the encrypted connection, but anyways.) -- Matthias Andree Encrypt your mail: my GnuPG key ID is 0x052E7D95
