[Bug 263379] [regression] [ipsec] compatibility broken between stable/12 and stable/13 opencrypto in AEAD mode

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 263379] [regression] [ipsec] compatibility broken between stable/12 and stable/13 opencrypto in AEAD mode"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 18 Apr 2022 17:20:58 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263379

--- Comment #2 from Eugene Grosbein <eugen@freebsd.org> ---
(In reply to John Baldwin from comment #1)

I'm not an IPSec expert in any way. I tend to agree that this setup may be
broken, if you say so.

I'm talking about setkey(8) manual page that still states:

ALGORITHMS
     The following list shows the supported algorithms.  The protocol and
     algorithm are almost completely orthogonal.

And about compatibility issued when you have multiple stable/12 peers and want
to upgrade to stable/13 sequentially not breaking encrypted links.

-- 
You are receiving this mail because:
You are on the CC list for the bug.