[Swan-dev] symmetry vs Robustness Principle
D. Hugh Redelmeier
hugh at mimosa.com
Thu May 22 21:46:24 EEST 2014
| From: D. Hugh Redelmeier <hugh at mimosa.com>
Oops: in editing I introduced a mistake that is surely confusing.
| Apparently, when the ipsec.conf specifies "aes", for example, we take
| it to mean:
| propose AES 128 (bug: 256 for ESP)
| Consider a case where the other side can only do AES 128 (probably due
| to configuration).
I should have said 192 or 256 here. Something different from what we
propose by default.
More information about the Swan-dev