| 117 | * new packet format? (Mail from James, Message-ID: <54648EAC.70204@openvpn.net>) |
| 118 | * AEAD: 12byte nonce is needed - use session ID plus HMAC random for that? James and Syzzer agree on that. |
| 119 | * compression V2 format - yes, go for it |
| 120 | * to support COMPRESS_V2 the server needs to actually send the peer-id packet format as well (right now only the client sends peer-id packets) |
| 121 | * discussion: |
| 122 | * James: lets actually negotiate COMPRESS_V2 so we do not couple peer-id and compression which is actually independent parts/layers of the code |
| 123 | * Arne: this could be "PACKET_FORMAT_3" (peer-id+compress-v2) |
| 124 | * James: lean to "negotiate compression and packet format independently, as they are different layers" |
| 125 | * Jan Just: nice thing about scalar packet format is that you **know** which features have to be in there - but "don't do too many of these versions" |
| 126 | |
| 127 | * regarding --enable-ssl/disable-ssl - decided to a) ask the openvpn-users whether there is anyone using OpenVPN without SSL, and if not, remove the option (so --enable-crypto would bring SSL, --disable-crypto would take away SSL and all crypto) - one different #ifdef variant less |
| 128 | |