Actions
Feature #10221
closed
Update DH group warnings to say that group 5 is also weak
Start date:
01/29/2020
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
Release Notes:
Description
from https://wiki.strongswan.org/projects/strongswan/wiki/SecurityRecommendations:
It is advised to adhere to the recommendation of the appropriate security authority when choosing ciphers
to secure the tunnel cryptographically. www.keylength.com lists some of the standards for western Europe
and the US. It is strongly advised to use at least 2048 bit key length for MODP Diffie-Hellman groups.
DH group 5 = 1536 bits
Updated by Viktor Gurov about 4 years ago
Updated by Jim Pingle about 4 years ago
- Status changed from New to Pull Request Review
Updated by Renato Botelho about 4 years ago
- Status changed from Pull Request Review to Feedback
- Assignee set to Renato Botelho
- Target version set to 2.5.0
- % Done changed from 0 to 100
Pull request has been merged. Thanks!
Updated by Viktor Gurov about 4 years ago
additional PR for IPsec Phase 1 warning:
https://github.com/pfsense/pfsense/pull/4185
Updated by Viktor Gurov about 4 years ago
- Status changed from Feedback to Resolved
ok on 2.5.0.a.20200211.1811
Updated by Jim Pingle almost 4 years ago
- Status changed from Resolved to Feedback
- Target version changed from 2.5.0 to 2.4.5-p1
Updated by Jim Pingle almost 4 years ago
- Status changed from Feedback to Resolved
Group 5 is now visible in the warnings.
Actions