Re: [PATCH net v3 3/3] esp, ah: modernize the crypto algorithm selections

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jun 10, 2020 at 11:03:55AM +0200, Tobias Brunner wrote:
> Hi Eric,
> 
> > +	  Note that RFC 8221 considers AH itself to be "NOT RECOMMENDED".  It is
> > +	  better to use ESP only, using an AEAD cipher such as AES-GCM.
> 
> What's NOT RECOMMENDED according to the RFC is the combination of ESP+AH
> (i.e. use ESP only for confidentiality and AH for authentication), not
> AH by itself (although the RFC keeps ENCR_NULL as a MUST because ESP
> with NULL encryption is generally preferred over AH due to NATs).
> 
> Regards,
> Tobias

Okay, I'll drop this paragraph.  I'm surprised that authentication-only is still
considered a valid use case though.

- Eric



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux