[strongSwan] many cipher/hash modes seems to be unavailable
Christoph Anton Mitterer
calestyo at scientia.net
Sun Oct 3 13:43:35 CEST 2010
On Sun, 03 Oct 2010 13:30:11 +0200, Andreas Steffen
<andreas.steffen at strongswan.org> wrote:
>> And isn't it overkill to an authenticating and encrypting cipher,
because
>> I thought authentication would (in addition) be already gained by the
>> e.g.
>> sha1 part?
> In the statement
>
> ike = aes256gcm128-sha512-modp2048
Ah... and what about esp? I thought esp would be always authenticated and
encrypted, does this now mean that when I use e.g.
esp = aes256-sha1 (so no AE cipher like gcm or ccm) that there's no
authentication?
Thx in advance :)
Chris.
More information about the Users
mailing list