[Bug 263379] [regression] [ipsec] compatibility broken between stable/12 and stable/13 opencrypto in AEAD mode

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 18 Apr 2022 19:01:53 UTC

--- Comment #5 from John Baldwin <jhb@FreeBSD.org> ---
I have a review for the manpage at https://reviews.freebsd.org/D34947 (Eugene,
I couldn't add you on the review via your freebsd.org username for some

In terms of how to inform other users, we could perhaps add a check to
stable/12 to warn users about using an explicit -A in combination with AES-GCM
just as we have warnings in place now for older cipher suites deprecated in
FreeBSD 13.  I suspect such uses are somewhat rare though given it's not a
standard combination?  (There's no support in IKE for specifying a combination
like this for example.)

You are receiving this mail because:
You are on the CC list for the bug.