Re: [Openvpn-devel] [PATCH v2] Add per session pseudo-random component to --reneg-sec intervals

2017-04-04 Thread Simon Matter
>> Hi, >> >> On Tue, Apr 04, 2017 at 08:29:49AM +0200, Simon Matter wrote: >>> Interesting to see that there is zero interest in this patch here. >> >> This is a misinterpretation. >> > > Hi Gert, > > Thanks for the explanation, I'll be patient then :) > > If it's preferred for the patch to keep

Re: [Openvpn-devel] Upgrading EasyRSA 2's defaults

2017-04-04 Thread Selva Nair
Hi, On Tue, Apr 4, 2017 at 3:48 AM, Steffan Karger wrote: > From the openssl man page: > > "Beware that with such DSA-style DH parameters, a fresh DH key should > be created for each use to avoid small-subgroup attacks that may be > possible otherwise." > > This means that if

Re: [Openvpn-devel] [PATCH] Add per session pseudo-random component to --reneg-sec intervals

2017-04-04 Thread debbie10t
On 04/04/17 08:30, Simon Matter wrote: >> Hi, >> >> On Tue, Apr 04, 2017 at 08:29:49AM +0200, Simon Matter wrote: >>> Interesting to see that there is zero interest in this patch here. >> >> This is a misinterpretation. >> > > Hi Gert, > > Thanks for the explanation, I'll be patient then :) As

Re: [Openvpn-devel] Upgrading EasyRSA 2's defaults

2017-04-04 Thread Jan Just Keijser
Hi David, On 03/04/17 22:43, David Sommerseth wrote: On 03/04/17 16:12, Jan Just Keijser wrote: On 03/04/17 15:53, Samuli Seppänen wrote: On 02/04/2017 10:57, Steffan Karger wrote: Hi, On 31-03-17 22:34, David Sommerseth wrote: On 31/03/17 10:56, Илья Шипицин wrote: 2017-03-31 13:26

Re: [Openvpn-devel] Upgrading EasyRSA 2's defaults

2017-04-04 Thread Steffan Karger
Hi, On 3 April 2017 at 23:14, Selva Nair wrote: > > > On Mon, Apr 3, 2017 at 4:43 PM, David Sommerseth > wrote: >> >> On 03/04/17 16:12, Jan Just Keijser wrote: >> > Hi Samuli, >> > >> > On 03/04/17 15:53, Samuli Seppänen wrote: >> >> On

Re: [Openvpn-devel] [PATCH] Add per session pseudo-random component to --reneg-sec intervals

2017-04-04 Thread Simon Matter
> Hi, > > On Tue, Apr 04, 2017 at 08:29:49AM +0200, Simon Matter wrote: >> Interesting to see that there is zero interest in this patch here. > > This is a misinterpretation. > Hi Gert, Thanks for the explanation, I'll be patient then :) If it's preferred for the patch to keep it even simpler

Re: [Openvpn-devel] [PATCH] Add per session pseudo-random component to --reneg-sec intervals

2017-04-04 Thread Gert Doering
Hi, On Tue, Apr 04, 2017 at 08:29:49AM +0200, Simon Matter wrote: > Interesting to see that there is zero interest in this patch here. This is a misinterpretation. If you monitor the list, it has been fairly quiet since 2.4.0 release - the active core of openvpn developers have all been busy

Re: [Openvpn-devel] [PATCH] Add per session pseudo-random component to --reneg-sec intervals

2017-04-04 Thread Simon Matter
Hi, >> Hi, >> >> Initially I've created this RFE but have been told to send it to >> the devel list instead: >> >> https://community.openvpn.net/openvpn/ticket/865 >> >> Unfortunately I'm not a developer and have never used git so please bear >> with me as I send a classic patch to the list. >>