Jump to content
Not connected, Your IP:
Sign in to follow this  

SSL and Forward Secrecy

Recommended Posts

I recently was reading about SSL and Forward Secrecy. With the latest information about the NSA grabbing data streams I was sure glad that I already had a VPN in place. Security is very important and I read quite a bit to be sure I am using whatever technologies are available to end users like myself. I noticed that the AirVPN website uses ECDHE_RSA for the key exchange which is GREAT news. Unfortunately most of the sites I visit do not.


My questions are:


1.) Do you have OpenVPN configured to use Forward Secrecy? And, if so, do I need to do anything on my end to enable it?


2.) If OpenVPN is using ECDHE_RSA would that protect my data on all SSL sites I connect to through the VPN?


So happy I chose AirVPN over any of the others.





Share this post

Link to post



1.) Yes. You don't need to do anything on your side.


2.) Any https site will see your connection as coming from an Air VPN server exit-IP address. OpenVPN adds a further layer of encryption (on top of the the web site encryption) from your node to the VPN server you're connected to, which is important if you wish to prevent your ISP from knowing which https sites you access and have some other beneficial side effects, such preventing SSL/TLS BEAST-like attacks.


Kind regards

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

  • Create New...