[Openvpn-devel] Feature proposal: tls-crypt

[Steffan K. <ste...@fo...>]

Hi developers,

Our customers, as well as community users, have asked for encryption of
control channel packets to hide their certificate (containing perhaps
the users' name or organisation), or to provide some basic form of
post-quantum security (see e.g. trac #633).

We've been thinking about this for a while, and would like to implement
such a feature.  I've attached a proposal for an extension of tls-auth
to achieve this in OpenVPN.  Comments and/or questions are very welcome.
 I hope to be able to start implementing this soon.

-Steffan