1 result found
188 votesDirk Gently supported this idea ·
An error occurred while saving the commentDirk Gently commented
Today VyprVPN uses a top level GoldenFrog certificate which is 2048 bit v3, but uses sha1 algorithm.
This, and all certificates VypnVPN should move to sha256 due to known vulnerabilities with sha1. And as per this original request, uplifted to 4096 bit.
Until done, this makes VypnVPN non-compliant to both PCI-DSS and NIST standards.
Also, given the GoldenFrog code signing certificate is up for renewal (19-May-2016), it should be fixed to be properly trusted in the certificate store and also sha256.
As GoldenFrog own the end to end of the VypnVPN service, can they confirm:-
1. that they're working towards updating to newer TLS 1.2
2. that VypnVPN isn't one of those services that failed the tests via https://www.htbridge.com/blog/90-percent-of-ssl-vpns-use-insecure-or-outdated-encryption.html
I enjoy using the service, but given recent articles in the public press I want to be assured this is a secure end-to-end service.