From: Herbert Xu <[EMAIL PROTECTED]> Date: Thu, 3 Aug 2006 11:19:59 +1000
> (To recap our sha256 IPsec implementation truncates the output to 96 > bits while the last IETF draft on sha256 and the general HMAC RFC > requires 128 bits) > > Yes I agree with your assessment. > > Changing it is nasty though since we don't know how many Linux users > have deployed this. > > Also, we should keep in mind that the IETF has given up on sha256 > altogether. I think we have to leave things as is by default, and find some way to provide a 128-bits mode that can be selected by the user. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
