by fmajid 2307 days ago
TLS has shown how the quest for backwards compatibility has the unintended consequence of downgrade attacks. WireGuard's lack of cryptographic agility is a feature, not a bug. Sure, it means everyone has to upgrade when a new version of the protocol comes out, but the entire point of a VPN is security.

That said, OpenBSD's OpenIKED is just as simple and efficient, and thanks to standards compliance (IPsec, IKEv2 and MOBIKE) it works out of the box with iOS devices.

1 comment

> Sure, it means everyone has to upgrade when a new version of the protocol comes out,

It will be interesting to see what happens when (or if) large enterprises and hardware vendors adopt it.