[Ach] OpenVPN and ACH
L. Aaron Kaplan
aaron at lo-res.org
Thu Feb 19 16:55:40 CET 2015
On Feb 19, 2015, at 4:53 PM, Alexander Wuerstlein <arw at cs.fau.de> wrote:
> On 2015-02-19T16:26, Aaron Zauner <azet at azet.org> wrote:
>> Hi,
>>
>> L. Aaron Kaplan wrote:
>>>
>>> No, I disagree. Not mentioning OpenVPN and the issues you are seeing
>>> makes the guide *weaker* than having it in there with *clear* warnings.
>>> Why? Because people will use OpenVPN *anyway*.
>>> No matter if you remove the OpenVPN section or not.
>>> Better to have a clear message on this.
>> [...]
>> I do see OpenVPN as a security concern, and have for quite some time.
>> There are better alternatives [...]
>
> There are better alternatives to OpenVPN? I'm currently unaware of any
> usable OpenSource software that would do the same (i.e. routed VPN via
> plain TCP or UDP connections).
+1
Please enlighten us, azet, in case you know something so widely deployed, superior in daily operations and compatible and flexible.
I guess we should simply document what shortcomings we see right now and, whenever there is a new version of OpenVPN which is better from the bettercrypto standpoing, update the document again.
My 2 pragmatic cents,
a.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20150219/de5ea4ed/attachment.sig>
More information about the Ach
mailing list