Hi,

On Sun, Dec 15, 2013 at 07:34:27PM +0100, Steffan Karger wrote:
> One note on the implementation though; the code generates one ephemeral
> RSA key that is used during the entire lifetime of an OpenVPN process.
> If OpenSSL requests a new (ephemeral) key, it will keep on returning the
> same (usually rather small) key. Not the best solution.
>
> To actually run this code, I had to force usage by selecting the
> TLS-RSA-EXPORT-WITH-DES40-CBC-SHA tls-cipher. That generated a 512-bit
> ephemeral RSA key, and uses the outdated DES encryption protocol.

I'm not sure I understand the whole picture here. What is happening in
the "normal" scenario, and why is this particular cipher calling a
different code path inside OpenVPN?
> Using this mode could lead to a false sense of security. Then again, one
> should be using (Ephemeral) Diffie-Hellman anyway, and OpenVPN requires
> a tls-server to supply dh parameters. A user would need to deliberately
> choose a weak tls-cipher like TLS-RSA-EXPORT-WITH-DES40-CBC-SHA, which
> would be aligning a gun with his foot anyway. If one would decide this
> implementation is not good enough anymore, I'd suggest to just strip out
> support for this completely.
I'm tempted to agree with this :) - single-DES (and 40 bit at that!)
really isn't what we want to use.
So what would happen if we remove this code, and a user tries to use this
tls-cipher?
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025 [email protected]
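
An added example, not part of the original message or of OpenVPN's code: a small audit that reads an OpenVPN config and flags `tls-cipher` entries of the kind discussed above (export-grade, 40-bit or single DES, no ephemeral Diffie-Hellman). The function names and the sample config are constructed for illustration, and classifying suites by name tokens is a heuristic that assumes explicit TLS 1.2-or-earlier suite names.

```python
# Constructed sample config; not taken from the thread.
SAMPLE_CONFIG = """\
# constructed sample server config
tls-server
dh dh2048.pem
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-RSA-EXPORT-WITH-DES40-CBC-SHA:EXP-DES-CBC-SHA
"""

def classify_suite(name):
    """Return the reasons a cipher-suite name looks weak (empty list if none).

    Heuristic on name tokens (assumption): works for IANA-style names with
    dashes and for OpenSSL-style names, TLS 1.2 and earlier.
    """
    parts = name.upper().replace("_", "-").split("-")
    reasons = []
    if "EXPORT" in parts or "EXP" in parts:
        reasons.append("export-grade")
    if "DES40" in parts:
        reasons.append("40-bit DES")
    # A bare DES token that is not part of a 3DES name (3DES-EDE, DES-CBC3).
    if "DES" in parts and not {"3DES", "EDE", "CBC3"} & set(parts):
        reasons.append("single DES")
    if not {"DHE", "ECDHE", "EDH"} & set(parts):
        reasons.append("no ephemeral Diffie-Hellman")
    return reasons

def audit_config(text):
    """Return (line number, suite, reasons) for every weak tls-cipher entry."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if line.lstrip().startswith(";"):      # ';' also starts a comment
            continue
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2 or fields[0] != "tls-cipher":
            continue
        for suite in fields[1].split(":"):
            if not suite or suite.startswith("!"):   # skip exclusions
                continue
            reasons = classify_suite(suite)
            if reasons:
                findings.append((lineno, suite, reasons))
    return findings

if __name__ == "__main__":
    for lineno, suite, reasons in audit_config(SAMPLE_CONFIG):
        print(f"line {lineno}: {suite}: {', '.join(reasons)}")
```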
