Dutch Government Officially Trusts OpenVPN-NL

First time accepted submitter joost.bijl writes "Yesterday the Dutch government took a step to further improve the adoption of Open Source in its ranks. It has officialy approved a modified version of the open source VPN software OpenVPN for use on the governmental level 'Departementaal Vertrouwelijk' (Restricted). The release is called OpenVPN-NL and is fully open-source and available for use. The software has undergone a security evaluation by the Dutch government's national communications security agency (NLNCSA). The major change is the removal of OpenSSL as the cryptographic core of OpenVPN-NL. Instead, the Dutch government opted to include the smaller, better readable and documented open source library PolarSSL to provide the cryptographic and SSL/TLS functionality. The Dutch IT Security company Fox-IT worked together with both OpenVPN and PolarSSL communities and modified the stock software to support the government evaluation process. In total 8000 lines of code and 4000 lines of documentation were checked in to the OpenVPN trunk."

Re:Why should we trust openssl?

[Genda]

Yeah, those silly Dutch just don't have a clue... By the way, is the United States still using Windows to control their nuclear power plants???

Re:Awesome

[plj]

I was just thinking that, from Dutch govenment's point of view, OpenVPN must be extraordinary awesome while used in combination with Diginotar-signed certs!

(Sorry, I just couldn't resist.)