<div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote">On 8 December 2016 at 11:28, Paul Wouters <span dir="ltr"><<a href="mailto:paul@nohats.ca" target="_blank">paul@nohats.ca</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div id="gmail-:js" class="gmail-a3s gmail-aXjCH gmail-m158df4396c87755b">I think we only really do<br>
twofish_cbc?<span class="gmail-"></span></div></blockquote></div><br><br></div><div class="gmail_extra">Good point.  It looks like:<br><br></div><div class="gmail_extra">- we can negotiate IKE "twofish_ssh"<br></div><div class="gmail_extra">- but we use "twofish_cbc" as the encryption<br><br></div><div class="gmail_extra">so I guess it was never fully implemented.<br><br></div><div class="gmail_extra">Time to delete?<br></div><div class="gmail_extra"><br></div><div class="gmail_extra">Andrew<br><br></div><div class="gmail_extra"><br></div></div>