21 Apr
2011
21 Apr
'11
1:17 p.m.
On Thu, 21 Apr 2011 17:55:32 BST, Ben Whorwood said:
* How well would the connection handle certificate (>= 2048 bit key) based authentication?
It will hiccup for a moment (maybe a quarter or half second) for the data. The certificate exchange is the least of your problems.
* Is VPN over this type of connection simply a bad idea?
Well, 33.6k is a Bad Idea right there. :) But if you're stuck with that for technical reasons, but need a VPN for security reasons, it won't be all *that* much worse, unless you're doing a lot of SSH or similar short-packet single-keystroke traffic, where the VPN overhead will start being a bit painful. Shouldn't be too hard to model the traffic involved to see if it's too painful - FreeBSD has dummynet IIRC.