Re: [Openvpn-devel] OpenVPN Versioning

2013-06-20 Thread Joachim Schipper
From James Yonan : > On 18/06/2013 01:41, Joachim Schipper wrote: > > From James Yonan : > >> On 14/06/2013 02:47, Joachim Schipper wrote: > >>> From James Yonan : > TLS Protocol > > > Since day 1, OpenVPN has used TLS 1.0 as a control channel and key > excha

Re: [Openvpn-devel] OpenVPN Versioning

2013-06-19 Thread James Yonan
On 18/06/2013 01:41, Joachim Schipper wrote: From: James Yonan : On 14/06/2013 02:47, Joachim Schipper wrote: From James Yonan : TLS Protocol Since day 1, OpenVPN has used TLS 1.0 as a control channel and key exchange mechanism. But now we have TLS 1.1 and 1.2, each of which ad

Re: [Openvpn-devel] OpenVPN Versioning

2013-06-19 Thread James Yonan
On 17/06/2013 01:58, Steffan Karger wrote: On 06/14/2013 09:53 PM, James Yonan wrote: To get the adaptive versioning behavior in OpenSSL, you have to use SSLv23_server_method() or SSLv23_client_method() and then explicitly disable the versions you don't want to consider, i.e. SSL_OP_NO_SSLv2, SS

Re: [Openvpn-devel] OpenVPN Versioning

2013-06-18 Thread Joachim Schipper
From: James Yonan : > On 14/06/2013 02:47, Joachim Schipper wrote: > >> From James Yonan : > >> TLS Protocol > >> > >> > >> Since day 1, OpenVPN has used TLS 1.0 as a control channel and key > >> exchange mechanism. But now we have TLS 1.1 and 1.2, each of which > >> addresses signific

Re: [Openvpn-devel] OpenVPN Versioning

2013-06-17 Thread Steffan Karger
On 06/14/2013 09:53 PM, James Yonan wrote: > To get the adaptive versioning behavior in OpenSSL, you have to use > SSLv23_server_method() or SSLv23_client_method() and then explicitly > disable the versions you don't want to consider, i.e. SSL_OP_NO_SSLv2, > SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL

Re: [Openvpn-devel] OpenVPN Versioning

2013-06-14 Thread James Yonan
On 14/06/2013 02:47, Joachim Schipper wrote: From James Yonan : TLS Protocol Since day 1, OpenVPN has used TLS 1.0 as a control channel and key exchange mechanism. But now we have TLS 1.1 and 1.2, each of which addresses significant shortcomings in its predecessor. Fortunately, SS

Re: [Openvpn-devel] OpenVPN Versioning

2013-06-14 Thread Joachim Schipper
From James Yonan : > TLS Protocol > > > Since day 1, OpenVPN has used TLS 1.0 as a control channel and key > exchange mechanism. But now we have TLS 1.1 and 1.2, each of which > addresses significant shortcomings in its predecessor. Fortunately, > SSL/TLS already includes dynamic ve

Re: [Openvpn-devel] OpenVPN Versioning

2013-06-12 Thread James Yonan
On 12/06/2013 15:08, Arne Schwabe wrote: On 12.06.13 21:38, James Yonan wrote: About finding out which cipher client and server use. I am not really familiar with this code so forgive my stupid question. TLS somehow also does this "select the best cipher to use" dance. Why can't we use the TLS

Re: [Openvpn-devel] OpenVPN Versioning

2013-06-12 Thread Arne Schwabe
On 12.06.13 21:38, James Yonan wrote: About finding out which cipher client and server use. I am not really familiar with this code so forgive my stupid question. TLS somehow also does this "select the best cipher to use" dance. Why can't we use the TLS mechanism but have to use our own IV_C

[Openvpn-devel] OpenVPN Versioning

2013-06-12 Thread James Yonan
I'm going to present some ideas and patches to make OpenVPN more solid in the area of versioning. The overall goal is to make OpenVPN more robust with respect to differences between client and server in OpenVPN version, TLS version, protocol capabilities, and config file grammar. Specifically