Date: Fri, 31 May 2019 13:57:11 -0700 From: John Baldwin <jhb@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org Subject: Re: svn commit: r348481 - stable/12/sys/netipsec Message-ID: <1fb0d7f5-1d10-65d2-347b-0bee2dab1ac2@FreeBSD.org> In-Reply-To: <201905312025.x4VKPv6p051128@repo.freebsd.org> References: <201905312025.x4VKPv6p051128@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5/31/19 1:25 PM, John Baldwin wrote: > Author: jhb > Date: Fri May 31 20:25:57 2019 > New Revision: 348481 > URL: https://svnweb.freebsd.org/changeset/base/348481 > > Log: > MFC 348205: > Add deprecation warnings for IPsec algorithms deprecated in RFC 8221. > > All of these algorithms are either explicitly marked MUST NOT, or they > are implicitly MUST NOTs by virtue of not being included in IETF's > list of protocols at all despite having assignments from IANA. > > Specifically, this adds warnings for the following ciphers: > - des-cbc > - blowfish-cbc > - cast128-cbc > - des-deriv > - des-32iv > - camellia-cbc > > Warnings for the following authentication algorithms are also added: > - hmac-md5 > - keyed-md5 > - keyed-sha1 > - hmac-ripemd160 Bah, I forgot the 'Relnotes: yes' tag for this. :-/ -- John Baldwin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1fb0d7f5-1d10-65d2-347b-0bee2dab1ac2>