Re: [Openvpn-devel] Questions/Comments about EasyRSA

2014-09-23 Thread Eric Crist 
Hi Greg,

I've seen your comments, but haven't had the time to reply to them.  You're not 
being ignored, but I've been busy.  IRC in #openvpn, #openvpn-devel, or here is 
fine.  I'd prefer GitHub, as you've been doing, or IRC, myself.

-
Eric F Crist



On Sep 23, 2014, at 10:50:33, Gregory Sloop  wrote:

> I have some comments/issues related to EasyRSA - and I'm glad to assist as I 
> can. 
> 
> However, I've made comments over at GitHub and haven't seen any response - so 
> perhaps this is a better place to make them. Yet, I'm not sure how open this 
> list is to discussion about EasyRSA when, almost certainly, the majority of 
> the traffic is for "real" dev work on the main product, OpenVPN.
> 
> So, is this the place to discuss EasyRSA, or does someone have some 
> alternative suggestions.
> [I'm glad to get into the heart of the discussion, but want to be sure this 
> is the right forum and that I'm not committing some faux-pas.]
> 
> -Greg
> --
> Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
> Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
> Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
> Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
> http://pubads.g.doubleclick.net/gampad/clk?id=154622311=/4140/ostg.clktrk___
> Openvpn-devel mailing list
> Openvpn-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-devel



signature.asc
Description: Message signed with OpenPGP using GPGMail

[Openvpn-devel] Questions/Comments about EasyRSA

2014-09-23 Thread Gregory Sloop 
I have some comments/issues related to EasyRSA - and I'm glad to assist as I 
can. 

However, I've made comments over at GitHub and haven't seen any response - so 
perhaps this is a better place to make them. Yet, I'm not sure how open this 
list is to discussion about EasyRSA when, almost certainly, the majority of the 
traffic is for "real" dev work on the main product, OpenVPN.

So, is this the place to discuss EasyRSA, or does someone have some alternative 
suggestions.
[I'm glad to get into the heart of the discussion, but want to be sure this is 
the right forum and that I'm not committing some faux-pas.]

-Greg

[Openvpn-devel] OCSP_check.sh fixup

2014-09-23 Thread Hubert Kario 
There are few serious issues with the OCSP_check.sh script:
 1. It will accept OCSP responses with bad signatures
 2. It may accept OCSP old responses as currently valid

detailed description on bug tracker:
https://community.openvpn.net/openvpn/ticket/450#ticket

Pull request with fixes:
https://github.com/OpenVPN/openvpn/pull/17

-- 
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Email: hka...@redhat.com
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic