> Does this patch was included in further release of strongswan? 5.0 ou > greater for example?
The patch is not mainline yet, and I don't know if it ever will. I'm a little skeptic that users really understand the security implications. A more secure approach would be to use the certificate ID as peer identity, regardless of the IDi we get. This would bind the policy lookup strictly to the certificate, while working around the issue we see with Windows 8. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
