@@ -4110,25 +4110,26 @@ Encrypt data channel packets with cipher algorithm

 The default is

 .B BF-CBC,

 an abbreviation for Blowfish in Cipher Block Chaining mode.

-Blowfish has the advantages of being fast, very secure, and allowing key sizes

-of up to 448 bits.  Blowfish is designed to be used in situations where

-keys are changed infrequently.

-For more information on blowfish, see

-.I http://www.counterpane.com/blowfish.html

+Using BF-CBC is no longer recommended, because of it's 64-bit block size.  This

+small block size allows attacks based on collisions, as demonstrated by SWEET32.

-To see other ciphers that are available with

-OpenVPN, use the

+To see other ciphers that are available with OpenVPN, use the

 .B \-\-show\-ciphers

 option.

-OpenVPN supports the CBC, CFB, and OFB cipher modes,

-however CBC is recommended and CFB and OFB should

-be considered advanced modes.

-

 Set

 .B alg=none

 to disable encryption.

+

+As of OpenVPN 2.4, cipher negotiation (NCP) can override the cipher specified by

+.B \-\-cipher\fR.

+See

+.B \-\-ncp-ciphers

+and

+.B \-\-ncp-disable

+for more on NCP.

+

 .\"*********************************************************

 .TP

 .B \-\-ncp\-ciphers cipher_list

@@ -4141,6 +4142,19 @@ is a colon-separated list of ciphers, and defaults to

 For servers, the first cipher from

 .B cipher_list

 will be pushed to clients that support cipher negotiation.

+

+Cipher negotiation is enabled in client-server mode only.  I.e. if

+.B \-\-mode

+is set to 'server' (server-side, implied by setting

+.B \-\-server

+), or if

+.B \-\-pull

+is specified (client-side, implied by setting \-\-client).

+

+If both peers support and do not disable NCP, the negotiated cipher will

+override the cipher specified by

+.B \-\-cipher\fR.

+

 .\"*********************************************************

 .TP

 .B \-\-ncp\-disable