Hi,

On 14-08-17 12:36, David Sommerseth wrote:
> On 01/07/17 13:29, Steffan Karger wrote:
>> The --keysize option can only be used with already deprecated ciphers,
>> such as CAST5, RC2 or BF. Deviating from the default keysize is
>> generally not a good idea (see man page text), and otherwise only
>> complicates our code.
>>
>> (If this patch is accepted, I'll send a follow-up patch to remove the
>> option from the master branch.)
>
> I agree to the wanted intention of this change. But, it hits badly if
> we remove --keysize on configurations still enforcing BF-CBC with
> --keysize 256. I don't have any numbers of how many users use it; but
> I know many have preferred BF-CBC for a long time - at least before
> SWEET32 came and hit us all. Bear in mind that BF-CBC was the default
> since 2002-ish (probably even longer, if considering the OpenVPN v1.x
> branch). And many have added --cipher BF-CBC in their configs despite it
> being the default.
>
> As long as BF-CBC is available, we cannot remove --keysize. And to
> remove BF-CBC support, I think that needs a bit longer timespan than
> v2.5. Users *must* be far better prepared for that and we need to make
> loud and clear announcements with such a change.
>
> Yes, in all this, I know that NCP is a nice rescue. As long as everyone
> either runs v2.4 everywhere or deploys --ncp-ciphers and starts the
> migration. But I've lost confidence that the vast majority of our users
> pays close attention to such feature changes - thus they won't notice
> until it stops working. We need to PUSH this information into their
> faces, with large posters carrying promises of rainbow coloured unicorns
> if they comply today(!). In addition to adding clear warnings in the
> log files for a looong time.
>
> So I propose:
>
> - We add the warning about removing --keysize for both v2.4 and v2.5.
>
> - Add a warning in v2.4 and v2.5 that ciphers with block sizes < 128
>   bits will be *removed* in v2.6
>
> - When removing those ciphers in v2.6, we can remove --keysize together
>   with the ciphers, as it will no longer be valid. But --keysize needs
>   to be a NOP for some time (with a warning it has no effect), to avoid
>   OpenVPN failing to run on upgrades.

Okay. Instead of sending the keysize removal patch, I'll send a patch that
warns that small block ciphers will be removed in 2.6. Can you then do
s/2.5/2.6/ on the patch, or shall I send a v2?

-Steffan
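The configurations David is worried about (old client configs pinning BF-CBC, often with --keysize 256, that will start warning and eventually stop working) can be found before an upgrade rather than after. The following POSIX shell script is an added example, not code from this thread or from the OpenVPN project: it reads an OpenVPN config file, strips comments, and flags a `keysize` directive or a `cipher` whose block size is 64 bits, which is what the proposed log warning would do at runtime. It is run against two constructed configs, a legacy one and one migrated to AES-GCM with `ncp-ciphers`. The list of 64-bit-block cipher names and the placeholder hostname are my assumptions, not something the thread states.

```shell
#!/bin/sh
# Added example (not OpenVPN project code): audit an OpenVPN config file for
# directives the thread proposes to deprecate. Prints one WARN line per
# finding; returns 1 if anything was found, 0 otherwise.

audit_openvpn_config() {
    # $1: path to an OpenVPN config file
    _found=0
    while IFS= read -r line || [ -n "$line" ]; do
        # Drop '#'/';' comments, an optional leading "--", and surrounding whitespace.
        stmt=$(printf '%s\n' "$line" | sed -e 's/[#;].*$//' -e 's/^[[:space:]]*--//' \
                                           -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
        [ -z "$stmt" ] && continue
        directive=${stmt%% *}
        arg=${stmt#"$directive"}
        arg=${arg# }
        case "$directive" in
            keysize)
                printf 'WARN: keysize %s is set; the option is deprecated and will become a no-op\n' "$arg"
                _found=1 ;;
            cipher)
                upper=$(printf '%s' "$arg" | tr 'a-z' 'A-Z')
                # Assumed list of OpenSSL cipher names with a 64-bit block (SWEET32-affected).
                case "$upper" in
                    BF-CBC|BF-CFB|BF-OFB|CAST5-CBC|DES-CBC|DES-EDE3-CBC|RC2-CBC|IDEA-CBC)
                        printf 'WARN: cipher %s has a 64-bit block; migrate to AES-GCM and enable NCP (ncp-ciphers)\n' "$arg"
                        _found=1 ;;
                esac ;;
        esac
    done < "$1"
    return $_found
}

# Number of findings for a config file, as a plain integer on stdout.
count_findings() {
    audit_openvpn_config "$1" | grep -c '^WARN' || :
}

# Constructed sample configs (not from any real deployment).
LEGACY_CONF=$(mktemp)
MIGRATED_CONF=$(mktemp)
trap 'rm -f "$LEGACY_CONF" "$MIGRATED_CONF"' EXIT

# A 2002-era style client config still pinning BF-CBC with a non-default key size.
cat > "$LEGACY_CONF" <<'EOF'
client
dev tun
remote vpn.example.invalid 1194   # placeholder host
cipher BF-CBC
keysize 256
auth SHA1
EOF

# The same client after migration: AEAD cipher with a 128-bit block, NCP enabled.
cat > "$MIGRATED_CONF" <<'EOF'
client
dev tun
remote vpn.example.invalid 1194
; no keysize line: AES-256-GCM has a fixed key size
cipher AES-256-GCM
ncp-ciphers AES-256-GCM:AES-128-GCM
EOF

audit_openvpn_config "$LEGACY_CONF" || echo "legacy config needs migration before 2.6"
audit_openvpn_config "$MIGRATED_CONF" && echo "migrated config is clean"
```

The script deliberately treats a `keysize` line as a finding on its own, independent of the cipher, because the thread's plan makes the option a no-op with a warning before it is removed; a config that still carries it will log noise at best. Running this over a fleet's config directory (for example with `for f in /etc/openvpn/*.conf; do audit_openvpn_config "$f"; done`) gives the inventory that the "how many users still use it" question in the thread lacks.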
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel