[Openswan dev] Invalid argument NULL (patch from users)

Paul Wouters paul at xelerance.com
Mon Dec 19 16:11:06 CET 2005

On Mon, 19 Dec 2005, Alain RICHARD wrote:

> Please note also that the IETF ipsec working group is not considering ESP_NULL
> as a testing stuff, but is indicated as required in the current drafts :
> http://www.ietf.org/internet-drafts/draft-ietf-ipsec-esp-ah-algorithms-02.txt

So is 1des and mod768, which we do not support.

Invariably, ESP_NULL is badly used. It is used when other "strong" crypto,
such as some weak broken WEP is used.

Anyway, it will be fixed, though using it is still a bad idea.


More information about the Dev mailing list