From 714cbbb6d110cea24f84f9cce7c255849e869f6d Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Fri, 27 Feb 2015 14:49:28 +0300 Subject: [PATCH] Move comparison with OpenVPN to Features section Signed-off-by: Sergey Matveev --- README | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/README b/README index f2c0d66..26a6cb4 100644 --- a/README +++ b/README @@ -6,6 +6,21 @@ govpn is simple secure virtual private network daemon. It uses DH-EKE for mutual zero-knowledge authentication and authenticated encrypted transport. It runs under GNU/Linux and FreeBSD. +FEATURES + +* GNU/Linux and FreeBSD support +* IPv6 compatible +* Encrypted and authenticated transport +* Relatively fast handshake +* Replay attack protection +* Perfect forward secrecy (if long-term pre-shared keys are compromised, + no captured traffic can be decrypted anyway) +* Mutual two-side authentication (noone will send real network interface + data unless the other side is authenticated) +* Zero knowledge authentication (pre-shared key is not transmitted in + any form between the peers, not even it's hash value) +* Built-in rehandshake and heartbeat features + DESCRIPTION All packets captured on network interface are encrypted, authenticated @@ -33,17 +48,6 @@ Also you can provide up and down scripts that will be executed after either connection is initiated (up-script in background), or is went down. The first argument for them is an interface name. -COMPARISON TO OpenVPN - -* Faster handshake -* Perfect-forward secrecy (if long-term pre-shared keys are compromised, - no captured traffic can be decrypted anyway) -* Mutual two-side authentication (noone will send real network interface - data unless the other side is authenticated) -* Zero-knowledge authentication (pre-shared key is not transmitted in - any form between the peers, not even it's hash value) -* Fully IPv6 compatible - CONSOLE OUTPUT LEGEND B -- bad or timeouted UDP packet (maybe network is inactive) -- 2.44.0