remove IPsec SKIPJACK support...
Jim Thompson
jim at netgate.com
Tue Jul 28 04:18:43 UTC 2015
> On Jul 27, 2015, at 10:41 PM, John-Mark Gurney <jmg at funkthat.com> wrote:
>
> Jim Thompson wrote this message on Mon, Jul 27, 2015 at 20:24 -0500:
>>> On Jul 27, 2015, at 7:57 PM, John-Mark Gurney <jmg at funkthat.com> wrote:
>>>
>>> I would like to remove it from HEAD immediately as I don't see a use
>>> for it. Some time ago I proposed removing Skipjack from the OCF in 12, but personally, now that I think about how long 12 is, we deprecate these sooner rather than later.
>>
>> Are we also going to comply with RFC 7321?
>>
>> https://tools.ietf.org/html/rfc7321
>
> Looks like the only thing we need to change to comply w/ RFC7321 is
> to remove DES support (note to those that don't read closely, DES,
> not 3DES aka triple-DES), and I am fine removing DES support sooner
> rather than later...
The RFC 7321 requires it. I’m willing to do the work, but I don’t want it to bikeshed.
Jim
More information about the freebsd-net
mailing list