On 31/03/17 10:56, Илья Шипицин wrote:
>
> 2017-03-31 13:26 GMT+05:00 Samuli Seppänen <sam...@openvpn.net>:
>
> > Hi,
> >
> > We still bundle EasyRSA 2 with our Windows installers and it is
> > prominently advertised on our widely linked to HOWTO:
> >
> > <https://openvpn.net/index.php/open-source/documentation/howto.html>
> >
> > As such, EasyRSA 2 is used by many/most OpenVPN server admins.
> >
> > However, the default values for EasyRSA 2 such as MD5 hashing algorithm
> > and 1024-bit keysize seem totally inadequate for today's standards:
> >
> > <https://github.com/OpenVPN/easy-rsa-old/blob/master/easy-rsa/2.0/vars#L53>
> >
> > <https://github.com/OpenVPN/easy-rsa-old/blob/master/easy-rsa/2.0/openssl-1.0.0.cnf#L57>
> >
> > I think we should upgrade these to something more recent. What would
> > more modern reasonable defaults be?
>
> someday we decided to use DSA (instead of default RSA)
> it worked ... until we started to use OpenVPN Connect for iOS.
> next, we had to change back to RSA
>
> the conclusion would be "test all available platforms and take a
> decision", probably even set up special test server and ask people on
> openvpn-users mailing list
Always a good idea to test as many platforms as possible. But we can also leverage all the testing which has been done indirectly by others as well.

The suggestion from Samuli is to update the default key size and hashing algorithm. MD5 is broken. MD5 has been broken for years. SHA1 has the recent SHAttering panic, which has its own set of challenges - and should not be used for certificates any longer (if I have understood the crypto-gurus correctly). Also considering that the "world in general" has been moving towards stronger keys *and* has moved towards SHA256 hashing in certificates, updating EasyRSA is more than reasonable.

So, I would highly recommend using SHA256. I have used that for my OpenVPN setups for several years already. That works fine for me, and I know others have done the same. This is actually the most challenging move, from a technical point of view - using a new algorithm. But this algorithm is well supported by all OpenSSL and mbed TLS implementations OpenVPN can be built against.

Secondly, updating the key length from 1024 bits to at least 2048 should not cause any issues at all. Many users (myself included) often use 4096-bit keys without any issues.

Swapping RSA for DSA is an issue of a completely different league. And DSA is by OpenSSH considered too weak; IIRC it was even removed in OpenSSH v7.0.

-- 
kind regards,

David Sommerseth
OpenVPN Technologies, Inc
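As an added example (not code from this thread, from EasyRSA or from OpenVPN), the following Python script checks the two EasyRSA 2 defaults the thread is about, `KEY_SIZE` in `vars` and `default_md` in the OpenSSL CA config, flags the weak values (1024-bit RSA, MD5, and SHA1 too), and rewrites them to the values recommended above: at least 2048-bit RSA and SHA256. The config excerpts are constructed for this example and only mimic the shape of the real files; the function names and thresholds are this example's own.

```python
import re

# Constructed excerpts shaped like EasyRSA 2's `vars` and openssl-1.0.0.cnf files,
# carrying the weak defaults the thread discusses (not copied from the real files).
WEAK_VARS = """\
export KEY_SIZE=1024
export CA_EXPIRE=3650
export KEY_EXPIRE=3650
"""
WEAK_CNF = """\
[ CA_default ]
default_days    = 365
default_crl_days= 30
default_md      = md5
"""

# Thresholds used by this example: the thread recommends >= 2048-bit RSA and SHA256.
MIN_RSA_BITS = 2048
ACCEPTED_DIGESTS = ("sha256", "sha384", "sha512")   # md5 and sha1 are rejected

# `export KEY_SIZE=1024` (optionally quoted) in vars; `default_md = md5` in the cnf.
KEY_SIZE_RE = re.compile(r'^(\s*export\s+KEY_SIZE\s*=\s*)"?(\d+)"?', re.M)
DEFAULT_MD_RE = re.compile(r'^(\s*default_md\s*=\s*)(\S+)', re.M)


def check_key_size(vars_text):
    """Return a list of findings for the RSA key size in an EasyRSA 2 vars file."""
    m = KEY_SIZE_RE.search(vars_text)
    if m is None:
        return ["KEY_SIZE is not set"]
    bits = int(m.group(2))
    if bits < MIN_RSA_BITS:
        return [f"KEY_SIZE={bits} is below {MIN_RSA_BITS} bits"]
    return []


def check_default_md(cnf_text):
    """Return a list of findings for the signing digest in an OpenSSL CA config."""
    m = DEFAULT_MD_RE.search(cnf_text)
    if m is None:
        return ["default_md is not set"]
    digest = m.group(2).lower()
    if digest not in ACCEPTED_DIGESTS:
        return [f"default_md={digest} is not an accepted digest"]
    return []


def audit(vars_text, cnf_text):
    """Combined findings for a vars file and its matching OpenSSL config."""
    return check_key_size(vars_text) + check_default_md(cnf_text)


def harden(vars_text, cnf_text, bits=MIN_RSA_BITS, digest="sha256"):
    """Return (vars, cnf) copies with KEY_SIZE raised to `bits` and default_md set
    to `digest`. A missing setting is appended, so the result always passes audit()."""
    vars_fixed, n = KEY_SIZE_RE.subn(lambda m: f"{m.group(1)}{bits}", vars_text)
    if n == 0:
        vars_fixed = vars_text.rstrip("\n") + f"\nexport KEY_SIZE={bits}\n"
    cnf_fixed, n = DEFAULT_MD_RE.subn(lambda m: f"{m.group(1)}{digest}", cnf_text)
    if n == 0:
        cnf_fixed = cnf_text.rstrip("\n") + f"\ndefault_md = {digest}\n"
    return vars_fixed, cnf_fixed


if __name__ == "__main__":
    for finding in audit(WEAK_VARS, WEAK_CNF):
        print("WEAK:", finding)
    fixed_vars, fixed_cnf = harden(WEAK_VARS, WEAK_CNF)
    print(fixed_vars)
    print(fixed_cnf)
    print("after hardening:", audit(fixed_vars, fixed_cnf) or "no findings")
```

Note that changing these two settings only affects keys and certificates generated afterwards; certificates already issued with MD5 or 1024-bit keys keep those properties until they are reissued.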
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel