[Bug 263379] [regression] [ipsec] compatibility broken between stable/12 and stable/13 opencrypto in AEAD mode

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 18 Apr 2022 17:20:58 UTC

--- Comment #2 from Eugene Grosbein <eugen@freebsd.org> ---
(In reply to John Baldwin from comment #1)

I'm not an IPSec expert in any way. I tend to agree that this setup may be
broken, if you say so.

I'm talking about setkey(8) manual page that still states:

     The following list shows the supported algorithms.  The protocol and
     algorithm are almost completely orthogonal.

And about compatibility issued when you have multiple stable/12 peers and want
to upgrade to stable/13 sequentially not breaking encrypted links.

You are receiving this mail because:
You are on the CC list for the bug.