before the Snowden revelations I would have believed that. Now it just seems like they're not able to maintain the same statement so they haven't updated it. Call me paranoid if you like but context has changed.

One of the big selling points of OSS is that software can be scrutinised for things like back doors. OpenSSL is indeed extremely popular as is OpenVPN - surprises me that the NSA and others have outwit the smart techies that should be able to spot weaknesses. Or perhaps we take OSS for granted so everyone assumes it has been scrutinised but no one actually bothers to analyse the code.

Hmm, so a quick browse over to http://openvpn.net/index.php/open-source/faq/community-software-general/295-are-there-any-known-security-vulnerabilities-with-openvpn.html and we see: "Are there any known security vulnerabilities with OpenVPN? Not to our knowledge (as of 2004.12.08)" Not to be paranoid, but is it too much to ask for them to update their knowledge by about a decade? Am a bit surprised that there doesn't seem to be much published analysis of the protocol.

When it comes to international standards I should remind everyone that the NSA doesn't need to do much to make those complicated and unwieldily. Look at SOAP or UML. For some reason when you gather an international consortium together to make a standard it is natural for it to be a huge WTF by the time it eventually becomes finalised. People feel the need to cater for every conceivable use case even if they're unlikely to be practical or real-world and often those pushing for things have very little grasp of the implications. Crypto related standards are different though, because you actually need people who know what they're doing. So apply the same approach to security and the resulting standard is bound to contain weaknesses. I would bet money that the NSA probably saved the IPSEC standards committee from making it overly weak (much like they enhanced DES when it was first created). Is there an open source alternative to IPSEC that has been scrutinised by cryptographers?