On 8 December 2017 18:43:04 CET, Paul Wouters <[email protected]> wrote: >On Thu, 7 Dec 2017, Kesava Vunnava (kesriniv) wrote: . Is there any way (either through >configuration/tweak) available to disable this check !? > >No there is no such option, because it is inherently insecure.
And presumably has been for a long time.... What is more insecure... taking an acknowledged risk with your certificates by using a switch to override the new defaults, or being forced for whatever reason to stay on an older version of Libre? I have a similar issue with a router that I need to upgrade. It can't operate with newer minimum defaults until I can get to replace it, so until I can I have no option but to use an older, (potentially less secure because of bugs etc) version of Libre. That is going to take me a few months to sort due to locations. In the meantime I just have to accept the risks. I don't dispute that raising security levels is important. But for various reasons we can't always jump that high or fast immediately. Just a thought.... :-) -- Sent from my Android phone with K-9 Mail. Please excuse my brevity. _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
