
Dirk Gently

My feedback

1 result found

  1. 188 votes
    Dirk Gently supported this idea  · 
    Dirk Gently commented  · 

    Today VyprVPN uses a top-level GoldenFrog certificate which is 2048 bit v3, but uses the sha1 algorithm.
    This, and all VyprVPN certificates, should move to sha256 due to known vulnerabilities with sha1. And, as per this original request, they should be uplifted to 4096 bit.
    Until done, this makes VyprVPN non-compliant with both PCI-DSS and NIST standards.

    Also, given the GoldenFrog code signing certificate is up for renewal (19-May-2016), it should be fixed to be properly trusted in the certificate store and also sha256.

    As GoldenFrog own the end to end of the VyprVPN service, can they confirm:
    1. that they're working towards updating to newer TLS 1.2
    2. that VypnVPN isn't one of those services that failed the tests via https://www.htbridge.com/blog/90-percent-of-ssl-vpns-use-insecure-or-outdated-encryption.html

    I enjoy using the service, but given recent articles in the public press I want to be assured this is a secure end-to-end service.
