-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hello David,
Am 01.04.14 14:41, schrieb David Sommerseth: > On 01/04/14 08:30, Michael Post wrote: >> The failure was a misadjusted time. The clients has the time >> 1970, but the certificate is valid beginning 15. March 2014. > ....... > > This has been discussed in our developer meetings in > #openvpn-devel and we recognise that in some environments this > could be somewhat useful. But we consider the related security > aspect around doing this to be far worse than the real usability of > such a feature. > your right. This is a security leak, but i personally prefer have the possibility to switch off this "security feature" - only for debug proposals or maintanance situations. In my case, the device has no hardware-clock on board (embedded computer) and the crond daemon does not works. No i fixed it (with driving 4 hours on highway), but when i had the possibility to disable this feature temporarly, i would spend this lost time and could repare this bug on client side. Thanks for your great support, Michael -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCgAGBQJTOrXbAAoJEFF6fE6T32A8zdAH/jZPD10EZn0o/lPFErLw0tWD 1Iki0wpvS62X/K/ADa4cY+PnxOlhuCOvzogiR0uM+DeE6+r0LdyXxG7nPyTDVGMR P1u2yzVmLooBMkhgEgDYvjowanRAh1wvkWpNjF5CDRIZWZkJDac6YTJrU1vSiEDV TKoyNy+cNKNzJdiPPiAIWBkVTqz0zqNk+bDCl1W93/ARv3zD/m3OU6SSMsQE1rh1 2ax39kxVwHbeV+43P7k34ndPC/9CWRstFxCeH2/q+3OrUOYVQFM6wKQWT8hKTZUb AXLZzjFFOWnw7OvRloKkZpoHjVyTLoUEKKCRmSMHV6ZUuodDqP2qitfLBLeT400= =12KH -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ _______________________________________________ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
