DES is a terrible suggestion, and it MUST NOT be used per RFC7321..

I plan to make code changes soon to break the old config anyways... This chapter needs to be updated badly, and me leaving the example here is not an endorsement to use it... Pointed out by: Daniel Plominski
svn path=/head/; revision=47124
2015-07-28 17:22:22 +00:00 · 2015-07-28 17:22:22 +00:00 · 0bacbbe09e · 2020-12-08 03:00:23 +00:00
commit 0bacbbe09e
parent d087099228
1 changed files with 1 additions and 1 deletions
--- a/en_US.ISO8859-1/books/handbook/security/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/security/chapter.xml
@ -2364,7 +2364,7 @@ sainfo  (address 10.246.38.0/24 any address 10.0.0.0/24 any)	# address $network/
 {								# $network must be the two internal networks you are joining.
        pfs_group       1;
        lifetime        time    36000 sec;
-        encryption_algorithm    blowfish,3des,des;
+        encryption_algorithm    blowfish,3des;
        authentication_algorithm        hmac_md5,hmac_sha1;
        compression_algorithm   deflate;
 }</programlisting>