[Bug 3466] Prefer using AEAD algorithms

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Sep 23 13:29:24 AEST 2022


--- Comment #3 from tim <tom25519 at yandex.com> ---
Because some proxy provider, such as Psiphon, using
AES_CTR_XXX_hmac-sha1 or AES_CTR_XXX_hmac-sha1-96, SHA_1 is weak. 
I think prefer using AEAD is a "defense in depth", because TLS 1.3 and
Wireguard onld support AEAD, they are modern and widely used.

You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list