On 10/24/2014 11:41 AM, Arne Schwabe wrote: > Am 24.10.14 11:15, schrieb Gert Doering: > And an important distinction is that the p2p mode does not use Diffie > Hellman, meaning that it provides no Perferct Forward Security.
No, I think there's another distinction. There's 'static key mode' (--secret), which does not do key negotiations. But it is also possible to use --tls-server with --remote, resulting in a p2p network setup, but using TLS (and thus dynamic key negotiation and PFS). So much possibilities! -Steffan
