-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 23/12/10 07:00, travis+ml-openvpn-de...@subspacefield.org wrote: | Hey guys... | | Was wondering if you were familiar with this: | | http://news.ycombinator.com/item?id=2029640 | | And, well... it sounded really familiar: | | http://www.mail-archive.com/cryptography@metzdowd.com/msg07521.html
Well, of course this is really concerning stuff. But the reality is that OpenVPN depends 100% on OpenSSL to do all the encryption stuff. OpenVPN does not do anything extra to the core data encryption or algorithms involved. So, if OpenVPN got an issue here ... then OpenSSL got an even bigger issue, as all who depends on OpenSSL might be at risk. And this mailing list can mostly just cover the former and not the latter. kind regards, David Sommerseth -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk0bwrEACgkQDC186MBRfrqQOwCdEhhQ3Zq814CdGTnI+DDK/xja xxkAn1grNJ7mxgeQHILpaVW60Uf/YWRs =B0Ve -----END PGP SIGNATURE-----
