Re: [Openvpn-users] Forthcoming OpenSSL releases

Tue, 01 Mar 2016 18:34:34 -0800 

It's basically about the risk of using the same cert on multiple SSL
services. If your website is all good on TLS1.2 but you use the same cert
on your old FTP server that still supports SSLv2, then your website traffic
is at risk of being decryptable due to attackers discovering your private
key via FTP

So if your openvpn servers have specific certs and aren't used by any other
SSL service, you should be fine.

(here's hoping I haven't just embarrassed myself ;-)

Jason


On Tue, Mar 1, 2016 at 9:56 PM, Kapetanakis Giannis <
bil...@edu.physics.uoc.gr> wrote:

> Just a heads up on this:
>
> https://mta.openssl.org/pipermail/openssl-announce/2016-February/000063.html
>
> release is due today and it "will fix several security defects with
> maximum severity "high".
>
> No idea if openvpn is affected.
>
> regards,
>
> G
>
>
> ------------------------------------------------------------------------------
> Site24x7 APM Insight: Get Deep Visibility into Application Performance
> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> Monitor end-to-end web transactions and take corrective actions now
> Troubleshoot faster and improve end-user experience. Signup Now!
> http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>



-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +1 408 481 8171
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to