Hi,
Good idea. It's now on my list of things to do.
Samuli
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Hi Samuli,
>
> Since the download link are pointing to swupdate.openvpn.org and this
> server has a valid SSL certificate, would it be possible to publish
> HTTPS links? Thanks in ad
On 06-03-15 17:42, debbie...@gmail.com wrote:
>>> Server Config:
>>> tls-cipher
>>> TLS-DHE-RSA-WITH-AES-256-CBC-SHA:DEFAULT:!EXP:!LOW:!PSK:!SRP:!kRSA
>>
>> Just use "tls-cipher DEFAULT:!EXP:!LOW:!PSK:!SRP:!kRSA",
>> TLS-DHE-RSA-WITH-AES-256-CBC-SHA is ready part of DEFAULT.
>
> Specifying the act
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Samuli,
Since the download link are pointing to swupdate.openvpn.org and this
server has a valid SSL certificate, would it be possible to publish
HTTPS links? Thanks in advance.
Best regards,
Simon Deziel
On 03/05/2015 08:01 AM, Samuli Seppänen
Hi,
On Fri, Mar 6, 2015 at 12:32 PM, wrote:
> Can somebody please explain this:
>
> Adding !EXP to the server side tls-cipher is enough to mitigate attacks. The
> suggested tls-cipher string is DEFAULT:!EXP:!LOW:!PSK:!SRP:!kRSA. This
> disallows export ciphers, weak ciphers (e.g. DES), and RSA k
- Original Message -
From: "Steffan Karger"
To: "Debbie Tent" ;
Sent: Friday, March 06, 2015 3:23 PM
Subject: Re: [Openvpn-users] New OpenVPN 2.3.6 Windows installers released -
FREAK
> Hi,
>
> On Fri, Mar 6, 2015 at 12:32 PM, wrote:
>&g
Hello,
I've checked my TCP server with SSL FREAK Check
(https://tools.keycdn.com/freak) and it said my address is not
vulnerable to the SSL FREAK attacks.
Is it enough or I have to update OpenVPN anyway?
Best regards,
Pavel
On 05.03.2015 15:01, Samuli Seppänen wrote:
Hi all,
New Windows ins
Hi
Can somebody please explain this:
Adding !EXP to the server side tls-cipher is enough to mitigate attacks. The
suggested tls-cipher string is DEFAULT:!EXP:!LOW:!PSK:!SRP:!kRSA. This
disallows export ciphers, weak ciphers (e.g. DES), and RSA key exchange
(note: not RSA authentication), but
