Hi Then, why do i have to set certification on conn conf section for any connection? RSA method in strongswan only is used in authentication not key exchange?Am I right ? Eexcuse me for these dummy questions.
On Mon, Sep 26, 2011 at 8:58 AM, nima chavooshi <[email protected]> wrote: > Hi > Then, why do i have to set certification on conn conf section for any > connection? Pki in strongswan only is used in authentication not key > exchange ? > Eexcuse me for these dummy question. > > > On Sunday, September 25, 2011, Andreas Steffen < > [email protected]> wrote: > > strongSwan exclusively uses Diffie-Hellman for key exchange. There is an > > RSA encryption variant for IKEv1 but which is rarely used at all. > > > > Regards > > > > Andreas > > > > On 09/25/2011 03:26 PM, nima chavooshi wrote: > >> Hi > >> In some documents I have read about diffie hellman and RSA. according > >> those documents usage of diffie hellman and RSA is equal, in fact, those > >> method are used for key exchange.but must only one method to be > selected. > >> In StrongSwan, I have to set both RSA and diffie hellman in ike or esp > >> values. so I am a little confused. > >> > >> Thanks for any help or guidance > > > > ====================================================================== > > Andreas Steffen [email protected] > > strongSwan - the Linux VPN Solution! www.strongswan.org > > Institute for Internet Technologies and Applications > > University of Applied Sciences Rapperswil > > CH-8640 Rapperswil (Switzerland) > > ===========================================================[ITA-HSR]== > > >
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
