[Swan-dev] shannon_entropy [was Re: ikev2-14-missing-ke test failure]
D. Hugh Redelmeier
hugh at mimosa.com
Sun Jan 4 06:50:07 EET 2015
| From: Paul Wouters <paul at nohats.ca>
| Since we cannot force people to stop using IKEv1 Aggressive Mode, we can
| at least force them to use stronger passwords.
If a user isn't allowed to choose a secure protocol, that indicates
some other authority is dictating terms. Perhaps that authority also
dictates a password that would not pass our strength check.
(I frequently get infuriated by web sites that require a password but
forbid the one I choose, weakening all passwords and effectively
directing me to weaken mine.)
More information about the Swan-dev
mailing list