[Ach] OpenVPN and ACH

[Aaron Zauner]

Hi,

Reed Loden wrote:
> Just to follow-up to what Thomas said...
> 
> I worry about throwing OpenVPN away so quickly... It's used by *lots* of
> people and companies, and it's not going away anytime soon. I agree that
> until they have patches like
> https://community.openvpn.net/openvpn/ticket/301 landed that it's not
> going to be viably secure, but I worry about the complete lack of
> OpenVPN detail that people are going to either use the defaults or use
> random hardening guides that don't give the entire picture.

I should have explained in more detail; as soon as this patch is merged
I'm happy to include it again with a statement that OpenVPN above a
certain version should be used.


> I think ACH should continue to mention OpenVPN with warnings about it
> being insecure until certain features/patches are added. Basically,
> provide the best possible 'secure' config with what it supports today
> and continue to evolve that over time as OpenVPN improves. Mention to
> people the specific things it lacks in order to be properly secure as
> per ACH standards so they know the risks they are taking by using it.

Feel free to open a pull request on GitHub for that. But I'd like to
have discussion on this first. I think in the current state of TLS
security only supporting CBC mode is a mistake. That's exactly what our
ciphersuite will do with OpenVPN as is today. OpenVPN also has support
for other block modes including cipher feedback (CFB) and output
feedback mode (OFB). These have security problems and are not in TLS
spec, though.

I'd suggest keeping OpenVPN out of the document until it supports GCM or
CCM. A good idea would be to write to upstream (OpenVPN) about those
patches.

Aaron

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20150218/15516f3e/attachment.sig>