On Sun, 03 Oct 2010 13:30:11 +0200, Andreas Steffen <[email protected]> wrote: >> And isn't it overkill to an authenticating and encrypting cipher, because >> I thought authentication would (in addition) be already gained by the >> e.g. >> sha1 part? > In the statement > > ike = aes256gcm128-sha512-modp2048
Ah... and what about esp? I thought esp would be always authenticated and encrypted, does this now mean that when I use e.g. esp = aes256-sha1 (so no AE cipher like gcm or ccm) that there's no authentication? Thx in advance :) Chris. _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
