[Openswan dev] Invalid argument NULL (patch from users)
Paul Wouters
paul at xelerance.com
Mon Dec 19 16:11:06 CET 2005
On Mon, 19 Dec 2005, Alain RICHARD wrote:
> Please note also that the IETF ipsec working group is not considering ESP_NULL
> as a testing stuff, but is indicated as required in the current drafts :
>
> http://www.ietf.org/internet-drafts/draft-ietf-ipsec-esp-ah-algorithms-02.txt
So is 1des and mod768, which we do not support.
Invariably, ESP_NULL is badly used. It is used when other "strong" crypto,
such as some weak broken WEP is used.
Anyway, it will be fixed, though using it is still a bad idea.
Paul
More information about the Dev
mailing list