On 11/Jan - 06:07, Geoff Wing wrote: > Matthias Drochner <M.Drochner%fz-juelich.de@localhost> typed: > : I've just made FAST_IPSEC the default implementation which gets > : used if the IPSEC kernel option is present. > : In common setups, it should work at least as good as the old > : (KAME) implementation. > > I thought it couldn't do all the same encryption algorithms as the KAME > version, eg. aes-ctr. Am I wrong? Nowadays, FAST IPSEC supports all algorithms supported by KAME, the missing one was AES-XCBC-MAC for AH, but Matthias added it 7 month ago (fast ipsec supports even more encryption algorithm than Kame one). Regards, -- Arnaud Degroote RIA LAAS / CNRS
Attachment:
signature.asc
Description: Digital signature