On Wed, Jun 10, 2020 at 11:03:55AM +0200, Tobias Brunner wrote:
> Hi Eric,
>
> > + Note that RFC 8221 considers AH itself to be "NOT RECOMMENDED". It is
> > + better to use ESP only, using an AEAD cipher such as AES-GCM.
>
> What's NOT RECOMMENDED according to the RFC is the combination
Hi Eric,
> + Note that RFC 8221 considers AH itself to be "NOT RECOMMENDED". It is
> + better to use ESP only, using an AEAD cipher such as AES-GCM.
What's NOT RECOMMENDED according to the RFC is the combination of ESP+AH
(i.e. use ESP only for confidentiality and AH for authenticati
On Tue, Jun 09, 2020 at 05:54:02PM -0700, Eric Biggers wrote:
> From: Eric Biggers
>
> The crypto algorithms selected by the ESP and AH kconfig options are
> out-of-date with the guidance of RFC 8221, which lists the legacy
> algorithms MD5 and DES as "MUST NOT" be implemented, and some more
> mo
From: Eric Biggers
The crypto algorithms selected by the ESP and AH kconfig options are
out-of-date with the guidance of RFC 8221, which lists the legacy
algorithms MD5 and DES as "MUST NOT" be implemented, and some more
modern algorithms like AES-GCM and HMAC-SHA256 as "MUST" be implemented.
But
