On Fri, 21 May 2004, Jason Tackaberry wrote: > I've done some googling and unfortunately I can't find a thorough, > independent audit of OpenVPN's design. However, I've also not been able > to find much in way of vulnerabilities, so it appears to have a good > track record. This, in combination with Gutmann's remarks in his paper, > as well as my own understanding of its design, gives me a reasonable > amount of confidence in OpenVPN. (Vastly more than CIPE, at least, > which was included in RHL in the past.) Yes, Gutmann's comments in general are very positive about OpenVPN. > I don't know much about Openswan, but I do feel that there is room for > both an IPsec and user space VPN solution in FC. Openswan is likely to be very useful to folk who need to use IPSec with NAT-T, xauth etc. - James -- James Morris <jmorris@xxxxxxxxxx>
