group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1379132] Re: openvpn has a poor choice of default cipher, and does not negotiate

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Athos Ribeiro <1379132@xxxxxxxxxxxxxxxxxx>
Date: Wed, 03 Nov 2021 13:00:26 -0000
Reply-to: Bug 1379132 <1379132@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

Setting Xenial to wontfix since it did reach its end of standard support
period.

** Changed in: openvpn (Ubuntu Xenial)
       Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1379132

Title:
  openvpn has a poor choice of default cipher, and does not negotiate

Status in openvpn package in Ubuntu:
  Fix Released
Status in openvpn source package in Xenial:
  Won't Fix

Bug description:
  all versions

  The default cipher for openvpn is BF-CBC (blowfish), which was likely
  once a good choice.

  Virtually all modern hardware has hardware acceleration/support for
  AES instructions, and can therefore do AES-128-CBC far faster and more
  efficiently than it can blowfish.

  Unfortunately, it also appears that openvpn doesn't negotiate the
  cipher at all, so it must match on both ends.

  1) please enhance openvpn so that there is at least some negotiation
  (if the server specifies a cipher, and the client does not, then use
  the server's cipher)

  2) change the default to be AES.

  thanks,
  lamont

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1379132/+subscriptions