Version 5 (modified by 6 years ago) (diff) | ,
---|
Basic info
- Time: Wed 17th Jan 2018 11:30 CEST (10:30 UTC)
- Place: #openvpn-meeting channel on Freenode IRC network
Topics
- Building release/2.4 branch in Buildbot?
- "release/2.4" has the --disable-crypto flag
- "master" does not
- 2.4.5 release status
- Selva requested feedback on 'ecdsa-sig' management interface command, see below for details
- Review patches on Patchwork
Topics on hold
- FIPS patches
- VLAN patches v2
ecdsa-sig
Email from Selva:
I do not think I can make any coherent case at 5:30am even if I somehow manage to make it to the meeting, but would like some feedback on one thing: Topic: 'ecdsa-sig' management interface command that I proposed (the patch for supporting EC certs with external key being reviewed by Arne). Ref: https://patchwork.openvpn.net/project/openvpn2/list/?series=126 We currently have rsa-sig for RSA signatures[*]. With hindsight we could say this naming was not ideal as now we want to support multiple key types. I think it may be better to name the new command as type-agnostic like 'pkey-sig' so that we can deprecate rsa-sig and eventualy remove it. As only management clients are affected this should be easier than deprecating a config option. In the mean time exclusively use the new command for ECDSA signatures. Including the key/signature type in the command name is not necessary as the UI knows which key to use and that fixes the signature type. If the meeting is already loaded with topics, I can ask this on the devel list. Thanks, Selva [*] The daemon sends RSA-SIGN, the management client responds with rsa-sig