[Swan-dev] simplifying default IKEv1 IKE algorithms

Andrew Cagney andrew.cagney at gmail.com
Tue Feb 7 19:02:20 UTC 2017


>> For the responder, when no ike=, it defaults to accepting almost
>> anything.  That includes MD5, serpent, and twofish (but not cast,
>> which is ESP only).
>
>
> It should not include these three. MD5 is too weak and all MD5 users
> do SHA1. And serpent/twofish are weird ducks and should not be used
> unless explicitly configured.

Ok.

That's a separate change; it will need some thought, and libreswan in
FIPS mode already behaves correctly (I'd like to avoid the obvious
hack of adding hardwired switches to filter these out; perhaps a
per-algorithm should_not flag similar to FIPS-compliant).

Andrew
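As an added illustration of the per-algorithm flag Andrew floats above (not libreswan code, and not how its algorithm tables are actually laid out), the sketch below gives each IKE algorithm two independent flags: one for FIPS compliance and one, the proposed should_not equivalent, for whether it may appear in the responder's implicit default. The default set drops anything flagged in either way (FIPS only in FIPS mode), while an explicit ike= line can still select serpent, twofish or MD5 but never override FIPS policy. The algorithm table, the flag values, the ike= parsing and all function names are constructed for this example.

```python
"""Hypothetical per-algorithm default/FIPS flags for an IKE responder (example only)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class IkeAlg:
    name: str
    kind: str         # "encrypt", "prf" or "dh"
    fips_ok: bool     # usable when the daemon runs in FIPS mode
    default_ok: bool  # usable in the implicit responder default (inverse of "should_not")


# Constructed table for this example; it is not libreswan's algorithm registry
# and the flag values are illustrative, not a statement about any real policy.
ALG_TABLE = (
    IkeAlg("aes",      "encrypt", fips_ok=True,  default_ok=True),
    IkeAlg("3des",     "encrypt", fips_ok=True,  default_ok=True),
    IkeAlg("serpent",  "encrypt", fips_ok=False, default_ok=False),
    IkeAlg("twofish",  "encrypt", fips_ok=False, default_ok=False),
    IkeAlg("sha2_256", "prf",     fips_ok=True,  default_ok=True),
    IkeAlg("sha1",     "prf",     fips_ok=True,  default_ok=True),
    IkeAlg("md5",      "prf",     fips_ok=False, default_ok=False),
    IkeAlg("modp2048", "dh",      fips_ok=True,  default_ok=True),
    IkeAlg("modp1024", "dh",      fips_ok=True,  default_ok=True),
)


def lookup(token):
    """Resolve one ike= token to its table entry; a trailing key size
    such as 'aes256' maps to 'aes'."""
    for alg in ALG_TABLE:
        if alg.name == token:
            return alg
    for alg in ALG_TABLE:
        rest = token[len(alg.name):]
        if token.startswith(alg.name) and rest.isdigit():
            return alg
    raise ValueError(f"unknown algorithm: {token}")


def default_proposals(fips_mode):
    """Algorithm names a responder accepts when no ike= line is configured.
    Anything with default_ok=False is dropped in every mode; FIPS mode
    additionally drops non-FIPS algorithms, so no hardwired per-name switch
    is needed."""
    return [alg.name for alg in ALG_TABLE
            if alg.default_ok and (alg.fips_ok or not fips_mode)]


def explicit_proposals(ike_line, fips_mode):
    """Validate an explicit ike= value such as
    'aes256-sha2_256-modp2048;serpent-sha1-modp2048'.
    Explicit configuration overrides default_ok (the admin asked for it),
    but a non-FIPS algorithm is still rejected in FIPS mode."""
    accepted = []
    for proposal in ike_line.split(";"):
        algs = [lookup(part) for part in proposal.split("-")]
        rejected = [a.name for a in algs if fips_mode and not a.fips_ok]
        if rejected:
            raise ValueError(f"{proposal}: not FIPS compliant: {', '.join(rejected)}")
        accepted.append(proposal)
    return accepted


if __name__ == "__main__":
    print("default (non-FIPS):", default_proposals(fips_mode=False))
    print("default (FIPS):    ", default_proposals(fips_mode=True))
    print("explicit:          ", explicit_proposals("serpent-sha1-modp2048", fips_mode=False))
```

With this split, removing MD5, serpent and twofish from the implicit default is a one-column change in the table rather than a special case in the proposal code, and FIPS mode keeps its own, stricter column.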

