I think almost all versions of OpenVPN clients for mobile devices (windows phone?, Android, iOS) didn't traditionally support anything greater than sha1 crypto, so all openvpn mobile clients affected? OpenVPN traditionally also relied on weak CA configs, so it's like time-warping back 5-10 years in browser land? And how many OpenVPN clients actually validate their server side end properly? Some things to consider.
On Feb 23, 2017 7:44 AM, "Dave Aitel" <[email protected]> wrote: > So what is it that breaking SHA1 gets you on Windows boxes? > > -dave > > _______________________________________________ > Dailydave mailing list > [email protected] > https://lists.immunityinc.com/mailman/listinfo/dailydave > >
_______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
