Jump to content
Not connected, Your IP: 3.236.253.192
Stalinium

Key management: ambiguous wording 'renew'

Recommended Posts

I'm talking about this page: https://airvpn.org/devices/
I find the 'Renew' button misleading. I first thought it does update the key somehow, and does not stand for the revoke-generate new process. I did not notice the small explanation text at the bottom back then and wondered why my config files stopped working :)

I suggest the button name to be changed to "Regenerate" as it implies a greater change than the word "renew"... to me at least. Then either highlight the bottom description on mouse hover over the buttons or bring it to the top. Current:

Quote
Create new keys if you use the same account on more devices. For example named like PC and Mobile

Renew a key only if you think your OpenVPN configuration files are not under your control.
Old key expiration is immediate and active connection dropped. If you use our Config Generator, you will need to recreate the files.
Paraphrased example:
Quote
We recommend you to create separate keys to use on multiple devices, example names: PC and Mobile.
These keys are like passwords that allow your device to establish a connection to AirVPN. If you lost your mobile phone, simply regenerate or delete that key to ensure nobody will connect to the VPN under your account. Changing or deleting the key is immediate and active connections are dropped.

If you don't use our official apps (link), you need to recreate the .ovpn files with Config Generator (link) to include the new keys for the device.

Share this post


Link to post

Are you soft-auditing AirVPN or what's with the 10+ threads about such trifles?

And what's exactly the difference? No matter if you "update the key somehow" or replace it with a new one, you'd need to regenerate configs or reconnect, anyway. Besides, it's written that this feature is best used if you think your key pair is abused or something.


» I am not an AirVPN team member. All opinions are my own and are not official. Refer to Staff postings for the official word.

» These are the community forums, not the support portal. You're writing with other users here.

» New here? LZ1's New User Guide to AirVPN. Use the search function, Luke!

» Tor exits behind a VPN connection are discouraged. Using Tor on the other hand is not.

 

» Privacy is like alcohol: Drink a little and it can help you stay unnoticed. Drink a lot and everyone will notice you.

» I cannot give you the solution to all your issues. But I can guide you to it. The rest is up to you.

Share this post


Link to post
7 hours ago, OpenSourcerer said:

Are you soft-auditing AirVPN or what's with the 10+ threads about such trifles?

Does it mean I can actually get paid for this? :P
The difference is user experience. If I'm the only one then it's just a me problem. If I'm not the only one who stumbled over this scratching the head then it definitely should be improved. blablabla... better ux = more users = more money
PS: Weirdly i wasnt notified of your reply

Share this post


Link to post
20 hours ago, Stalinium said:

The difference is user experience. If I'm the only one then it's just a me problem. If I'm not the only one who stumbled over this scratching the head then it definitely should be improved. blablabla... better ux = more users = more money


Why did this make you scratch the head? What did you actually expect to happen?
 
20 hours ago, Stalinium said:
PS: Weirdly i wasnt notified of your reply

Follow the topic. If you do, unfollow, then refollow.

» I am not an AirVPN team member. All opinions are my own and are not official. Refer to Staff postings for the official word.

» These are the community forums, not the support portal. You're writing with other users here.

» New here? LZ1's New User Guide to AirVPN. Use the search function, Luke!

» Tor exits behind a VPN connection are discouraged. Using Tor on the other hand is not.

 

» Privacy is like alcohol: Drink a little and it can help you stay unnoticed. Drink a lot and everyone will notice you.

» I cannot give you the solution to all your issues. But I can guide you to it. The rest is up to you.

Share this post


Link to post

A bit of psychological support.  Stalinium, you are not the only one.  I had precisely the same experience and the same reservations about the terminology maybe a year ago when I first pushed that button.  I am sympathetic though to English clearly not being the first language of at least most of the Air staff.  It shows in their posts in general.  I can nearly always comprehend just fine, but sometimes the wording feels peculiar.  It's to be expected, and I'm certainly happier having them in Italy than in one of the English-dominant surveillance statesLong live Italian!

OpenSourcerer, thanks for your patience.  Much appreciated. As to what we expected to happen from "renew," think about OpenVPN's periodic internal key renewal.  From the point of view of us mere users, it's a mysterious, behind-the-scenes thing that magically improves security.  The first time I hit "renew," that's what my clueless nanobrain was thinking: magic, security, a button to push now and then.  Having to redo configs encouraged me to study up and aim for microbrain status.
 

Share this post


Link to post

Well, it is a language barrier, but not in the way you imagine. A barrier between tech and non-tech, rather than Italian and English or something.
Renewing is a technical term describing a process where something gets deleted and a different something of its kind placed in its stead. Example would be the OpenSSL keys in an OpenVPN connection, a prerequisite for Forward Secrecy. Another one would be renewal of a DHCP IP address, where the old one is dropped and replaced with a new one assigned by the DHCP server (Windows users might know this by the command ipconfig /renew). A ring to rule them all. And you must know, IT technicians are at times just about as lazy as mathematicians (call it practical, if you must), so why call the one "regenerate" and the other "reassign" when "renew" covers both, and then some?

Here's some fingerfood for those who want to peek behind the curtain, by the way.

Also, I'm not against the proposition. It's just that the page itself says to only use it if you suspect abuse… and that connections get killed… and that configs must be regenerated. Kinda sus.


» I am not an AirVPN team member. All opinions are my own and are not official. Refer to Staff postings for the official word.

» These are the community forums, not the support portal. You're writing with other users here.

» New here? LZ1's New User Guide to AirVPN. Use the search function, Luke!

» Tor exits behind a VPN connection are discouraged. Using Tor on the other hand is not.

 

» Privacy is like alcohol: Drink a little and it can help you stay unnoticed. Drink a lot and everyone will notice you.

» I cannot give you the solution to all your issues. But I can guide you to it. The rest is up to you.

Share this post


Link to post
@Stalinium

Thank you. "Renew" is correct and accurate while "Regenerate" is inaccurate if not wrong. See also OpenSourcerer message.

That said you all are right, English is not the first language of any member of the AirVPN staff and only one founder has a University doctoral preparation in English language (in scientific English, not in English literature), but he can't read and fix every and each document written by the whole staff. We promise we will do our best to improve.

Kind regards
 

Share this post


Link to post
@SurprisedItWorks probably best described my mental process. I did not notice/read the explanation below the "Renew" buttons until after I clicked "renew" and visited the page a second time - wondering why my config files no longer logged me in. Since the wording is correct, I propose that the explanation is made more prominent and harder to miss. If you can't add some fancy design / reorder the text positions as a whole, a superscript "Renew1" could work to bring attention.
 
PS: I am glad Air is not from the US like many VPN providers who at the same time continue touting how privacy-friendly they are.
https://www.computerweekly.com/news/252501996/IBM-pushes-back-against-US-government-data-requests
Quote
The act, which came into effect in March 2018, effectively gives the US government access to any data, stored anywhere, by US corporations in the cloud, but IBM said it has only ever received one request for European client content from US law enforcement under the Cloud Act.
https://www.theguardian.com/technology/2014/apr/29/us-court-microsoft-personal-data-emails-irish-server
At the same time I understand that the EU is willing to walk hand in hand with other authoritarian governments and will happily lobby equal laws:
Quote
2018: BRUSSELS (Reuters) - Technology companies such as Google, Microsoft and Facebook will be forced to hand over users’ data to European law enforcement officials even when it is stored on servers outside the bloc, under a law proposed by the EU on Tuesday.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...