https://bugzilla.mindrot.org/show_bug.cgi?id=3466
--- Comment #3 from tim <tom25...@yandex.com> --- Because some proxy provider, such as Psiphon, using AES_CTR_XXX_hmac-sha1 or AES_CTR_XXX_hmac-sha1-96, SHA_1 is weak. I think prefer using AEAD is a "defense in depth", because TLS 1.3 and Wireguard onld support AEAD, they are modern and widely used. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs