johankool
commented
4 years ago Should we add this though?!
Closed jeroenleenarts closed 4 years ago
johankool
commented
4 years ago Should we add this though?!
roop
commented
4 years ago @fkooman Do the eduVPN OpenVPN servers use compression?
efef
commented
4 years ago compression has been disabled by default because it is considered as a security risk. We can only make it optional if we can get a appropriate license from the LZO owner. Current license is not acceptable for Appstore usage
johankool
commented
4 years ago OK, then we should close this PR until that is resolved.
ghost
commented
4 years ago @fkooman Do the eduVPN OpenVPN servers use compression?
No, never.
ghost
commented
4 years ago compression has been disabled by default because it is considered as a security risk. We can only make it optional if we can get a appropriate license from the LZO owner. Current license is not acceptable for Appstore usage
The only reason compression support would ever be needed is for manual OpenVPN configuration file import in the VPN apps. I'm really surprised OpenVPN revamped/redoubled on compression support recently (--compress) even though it was known to not be safe to use: https://community.openvpn.net/openvpn/wiki/VORACLE
ghost
commented
4 years ago To make clear: compression support would only be needed to (continue to) connect to insecure servers. So it may be better to leave this to OpenVPN Connect (iOS) or Tunnelblick (macOS) for those specific use cases where one wants to connect to an insecure server.
ghost
commented
4 years ago I have no idea how many OpenVPN servers out there enable compression. It could be very few, or almost all. No idea.
jeroenleenarts
commented
4 years ago 👍
Make sure to keep CHANGES.md up to date!