Hi,
On 19/03/2021 15:20, Arne Schwabe wrote:
> From: "Jason A. Donenfeld"
>
> OpenVPN traditionally works around CAs. However many TLS-based protocols also
> allow an alternative simpler mode in which rather than verify certificates
> against CAs, the certificate itself is hashed and compared ag
From: "Jason A. Donenfeld"
OpenVPN traditionally works around CAs. However many TLS-based protocols also
allow an alternative simpler mode in which rather than verify certificates
against CAs, the certificate itself is hashed and compared against a
pre-known set of acceptable hashes. This is usua
