[strongSwan] Implications of Weak DH / Logjam on IPSec
Fred
curious_freddy at gmsl.co.uk
Mon Jun 15 13:14:02 CEST 2015
On 21/05/2015 14:42, Karl Denninger wrote:
> On 5/21/2015 08:42, Gerd v. Egidy wrote:
>>> It is very interesting to
>>> note that the Windows 7/8 Agile IKEv2 VPN client which otherwise is
>>> a great application does not propose anything stronger than the
>>> 1024 bit DH group.
>> And there is no way (registry or similar) to fix this?
>>
>> Do you know offhand about other common mobile clients? Does the current iOS 8
>> IKEv1 client support MODP2048? How about the stock Android client?
>>
>
> BlackBerry's BB10 also only proposes MODP1024 :(
>
Maybe a StrongSwan native app is a good thing for both of these
platforms then? Maybe the StongSwan team will be able to take advantage
of this Windows 10 announcement:
http://www.theverge.com/2015/4/29/8511439/microsoft-windows-10-android-ios-apps-bridges
More information about the Users
mailing list