[Ach] SWEET32/CVE-2016-2183

Hanno Böck hanno at hboeck.de
Wed Aug 24 21:27:27 CEST 2016

On Wed, 24 Aug 2016 21:19:07 +0200
Akendo <akendo at akendo.eu> wrote:

> The openvpn configuration includes a keepalive parameter with
> following values: 10 120
> you think this is sufficient? Whereby I'm uncertain about the function
> in OpenVPN in regards to your statement.

I have no idea what keepalive means in the context of OpenVPN. My
suggestion was regarding http.

Honestly I only learned that openvpn basically uses its own crypto
quite recently. I don't really understand why they don't simply use
TLS. Probably an interesting research project to look closer into this.

Hanno Böck

mail/jabber: hanno at hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20160824/48798b43/attachment.sig>

More information about the Ach mailing list