[Swan-dev] symmetry vs Robustness Principle

D. Hugh Redelmeier hugh at mimosa.com
Thu May 22 21:46:24 EEST 2014

| From: D. Hugh Redelmeier <hugh at mimosa.com>

Oops: in editing I introduced a mistake that is surely confusing.

| Apparently, when the ipsec.conf specifies "aes", for example, we take
| it to mean:
| 	propose AES 128 (bug: 256 for ESP)

| Consider a case where the other side can only do AES 128 (probably due
| to configuration).

I should have said 192 or 256 here.  Something different from what we
propose by default.

More information about the Swan-dev mailing list