On 14/08/17 13:17, Steffan Karger wrote:
> Hi,
>
> On 14-08-17 12:36, David Sommerseth wrote:
>> On 01/07/17 13:29, Steffan Karger wrote:
>>> The --keysize option can only be used with already deprecated ciphers, such as CAST5, RC2 or BF. Deviating from the default keysize is generally not a good idea (see man page text), and otherwise only complicates our code.
>>>
>>> (If this patch is accepted, I'll send a follow-up patch to remove the option from the master branch.)
>>
>> I agree to the wanted intention of this change. But, it hits badly if we remove --keysize on configurations still enforcing BF-CBC with --keysize 256. I don't have any numbers of how many users use it; but I know many have preferred BF-CBC for a long time - at least before SWEET32 came and hit us all. Bear in mind that BF-CBC was the default since 2002-ish (probably even longer, if considering the OpenVPN v1.x branch). And many have added --cipher BF-CBC in their configs despite it being the default.
>>
>> As long as BF-CBC is available, we cannot remove --keysize. And to remove BF-CBC support, I think that needs a bit longer timespan than v2.5. Users *must* be far better prepared for that and we need to make loud and clear announcements with such a change.
>>
>> Yes, in all this, I know that NCP is a nice rescue. As long as everyone either runs v2.4 everywhere or deploys --ncp-ciphers and starts the migration. But I've lost confidence that the vast majority of our users pay close attention to such feature changes - thus they won't notice until it stops working. We need to PUSH this information into their faces, with large posters carrying promises of rainbow coloured unicorns if they comply today(!). In addition to adding clear warnings in the log files for a looong time.
>>
>> So I propose:
>>
>> - We add the warning about removing --keysize for both v2.4 and v2.5.
>>
>> - Add a warning in v2.4 and v2.5 that ciphers with block sizes < 128 bits will be *removed* in v2.6
>>
>> - When removing those ciphers in v2.6, we can remove --keysize together with the ciphers, as it will no longer be valid. But --keysize needs to be a NOP for some time (with a warning it has no effect), to avoid OpenVPN ceasing to run on upgrades.
>
> Okay. Instead of sending the keysize removal patch, I'll send a patch that warns that small block ciphers will be removed in 2.6.
>
> Can you then do s/2.5/2.6/ on the patch, or shall I send a v2?

Yes, I can do that. I'll also remove the remark ("If this is accepted...") from the commit message too, commit to master and cherry-pick to release/2.4. I'll also use the term "OpenVPN v2.6" everywhere, to be more precise in the statements.

But we will need to get started on the planning of the public stunts too. Getting a wiki page in place would be a nice starting point though.

--
kind regards,

David Sommerseth
OpenVPN Technologies, Inc
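The thread's concern is that configurations still carrying `cipher BF-CBC` and `keysize 256` will break silently once the 64-bit block ciphers and `--keysize` go away, and that `--ncp-ciphers` is the migration path. As an added example that is not part of the thread or of OpenVPN's own code, the following audit script walks OpenVPN config files and flags exactly those settings ahead of an upgrade. It assumes OpenSSL-style cipher names (BF-CBC, CAST5-CBC, RC2-CBC); the DES family is added to the prefix list here as further well-known 64-bit block ciphers, and the sample configs are constructed for the demonstration.

```python
"""Audit OpenVPN configs for small-block ciphers and the deprecated keysize option."""
import re

# 64-bit block ciphers named in the thread (BF, CAST5, RC2); DES-family names
# are an addition here as further well-known 64-bit block ciphers.
SMALL_BLOCK_PREFIXES = ("BF-", "CAST5-", "RC2-", "DES-")

# Constructed sample configs, not taken from the thread or any real deployment.
SAMPLE_CONFIGS = {
    "legacy.ovpn": (
        "client\n"
        "remote vpn.example.org 1194\n"
        "# long-standing blowfish setup\n"
        "cipher BF-CBC\n"
        "keysize 256\n"
        "<ca>\n"
        "cipher BF-CBC inside an inline block is certificate text, not a directive\n"
        "</ca>\n"
    ),
    "migrated.ovpn": (
        "client\n"
        "remote vpn.example.org 1194\n"
        "cipher AES-256-CBC\n"
        "ncp-ciphers AES-256-GCM:AES-128-GCM\n"
    ),
    "mixed.ovpn": (
        "cipher BF-CBC\n"
        "ncp-ciphers AES-256-GCM\n"
    ),
}


def parse_directives(text):
    """Yield (directive, args) pairs; skips blanks, '#'/';' comments and <tag>...</tag> inline file blocks."""
    in_inline = None
    for raw in text.splitlines():
        line = raw.strip()
        if in_inline:
            if line == f"</{in_inline}>":
                in_inline = None
            continue
        m = re.fullmatch(r"<([A-Za-z0-9_-]+)>", line)
        if m:
            in_inline = m.group(1)
            continue
        if not line or line[0] in "#;":
            continue
        parts = line.split()
        yield parts[0].lower(), parts[1:]


def audit_config(text):
    """Return a list of findings for one config text; an empty list means nothing was flagged."""
    findings = []
    has_ncp = False
    for directive, args in parse_directives(text):
        if directive == "cipher" and args and args[0].upper().startswith(SMALL_BLOCK_PREFIXES):
            findings.append(f"cipher {args[0]}: 64-bit block cipher, slated for removal in OpenVPN v2.6")
        elif directive == "keysize":
            size = args[0] if args else "?"
            findings.append(f"keysize {size}: deprecated option, only meaningful with legacy ciphers")
        elif directive == "ncp-ciphers":
            has_ncp = True
    if findings and has_ncp:
        findings.append("note: ncp-ciphers is set, so v2.4+ peers can negotiate away from the legacy cipher")
    return findings


def audit_all(configs):
    """Audit a mapping of filename -> config text and return filename -> findings."""
    return {name: audit_config(text) for name, text in configs.items()}


if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE_CONFIGS).items():
        print(f"{name}: {'OK' if not findings else ''}")
        for finding in findings:
            print("  -", finding)
```

Run it over a directory of real `.ovpn`/`.conf` files by reading each one into `audit_config`; a non-empty result is a config that will stop working when the removal lands, and the `ncp-ciphers` note distinguishes deployments that only need the other side upgraded from those that still need an explicit cipher change.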
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel