[Ach] SWEET32/CVE-2016-2183
Hanno Böck
hanno at hboeck.de
Wed Aug 24 21:27:27 CEST 2016
On Wed, 24 Aug 2016 21:19:07 +0200
Akendo <akendo at akendo.eu> wrote:
> The openvpn configuration includes a keepalive parameter with
> following values: 10 120
>
> you think this is sufficient? Whereby I'm uncertain about the function
> in OpenVPN in regards to your statement.
I have no idea what keepalive means in the context of OpenVPN. My
suggestion was regarding http.
Honestly I only learned that openvpn basically uses its own crypto
quite recently. I don't really understand why they don't simply use
TLS. Probably an interesting research project to look closer into this.
--
Hanno Böck
https://hboeck.de/
mail/jabber: hanno at hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20160824/48798b43/attachment.sig>
More information about the Ach
mailing list