OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

Benefits of certificates vs. username/password auth.

https://forums.openvpn.net/viewtopic.php?t=7533

Page 1 of 1

Benefits of certificates vs. username/password auth.

Posted: Tue Jan 18, 2011 10:51 am
by Axel
Hello,

from a securtity perspective are there any drawbacks of using only username/password
authentication compared to certificates based authentication besides the fact that there
is some extra security because of the file based key?

If you know of any cryptography related drawbacks (like forward secrecy etc.), please tell.

Thanks for remarks and ideas.

Axel

Re: Benefits of certificates vs. username/password auth.

Posted: Tue Jan 25, 2011 4:48 pm
by gladiatr72
Hello,

Since no one else has taken the opportunity to respond, here's my take:

Probably. I am not a crypto person. There are numerous articles/documents/etc that discuss the mechanisms/philosophies/math/weaknesses/etc of SSL/TLS [handshaking|setup|use|etc]. I would direct you to google for those. When I reach the (actually important) cryptographic descriptions, my eyes glaze a bit and my brain inserts phraseology to the effect of "I am Thankful the Individuals that Grok the Calculus/statistics/etc Exist" until the document picks up on something that is absorbable by Merely Me.

Regardless, they are definitely worth a read to get a bit of a handle on how things like OpenVPN work cryptographically. Whether or not it sets you at ease is dependent on how paranoid you are.

Regards,
Stephen
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/