
doc: update man page to warn about RFC-5114 DH groups

And warn support will be removed in 2017
1 parent 8bb4f97 commit a8923b53ed6bac606be4d1acfa8b1df1bb9b2076 @letoams letoams committed Oct 12, 2016
Showing with 14 additions and 3 deletions.
  1. +5 −1 programs/configs/d.ipsec.conf/ike.xml
  2. +9 −2 programs/configs/d.ipsec.conf/phase2alg.xml
@@ -44,7 +44,11 @@ encryption is available, and should only be used for testing or benchmarking pur
insecure algorithms to be re-added to libreswan.
</para>
<para>Diffie-Hellman groups 22, 23 and 24 are also implemented as per RFC-5114. Instead of the modp
-key syntax, use the "dh" keyword, for example <emphasis>ike=3des-sha1;dh23</emphasis>
+key syntax, use the "dh" keyword, for example <emphasis>ike=3des-sha1;dh23</emphasis>. These specific
+DH groups are extremely controversial and MUST NOT be used unless forced (administratively) by the other party.
+Support for these groups will most likely be removed in 2017, as it cannot be proven these DH groups do not
+have a cryptographic trapdoor embedded in them (a backdoor by the USG who gave us these primes without
+revealing the seeds and generation process)
</para>
<para>The modp syntax will be removed in favour of the dh syntax.</para>
</listitem>
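Review bot: The added warning in the groups 22, 23 and 24 paragraph follows the example "ike=3des-sha1;dh23", so the only copy-pasteable value in the paragraph still selects a group the next sentence says MUST NOT be used; consider putting the warning ahead of the example or stating that the example illustrates syntax only. Since the unchanged line after it says "The modp syntax will be removed in favour of the dh syntax", it would also help to say explicitly that the warning applies to groups 22 to 24 and not to the "dh" keyword as such. Smaller points: the last added sentence ends at "generation process)" with no closing period, and "USG" is never expanded for the man page reader.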
@@ -12,8 +12,15 @@ are necessarily supported here.</para>
instance, "3des-md5" or "aes256-sha1;modp2048" or "aes-sha1,aes-md5". When
specifying multiple algorithms, specify the PFSgroup last, e.g. "3des-md5,aes256-sha1;modp2048".
</para>
-<para>For RFC-5114 DH groups, use the "dh" keyword, eg "aes256-sha1;dh23"
-</para>
+
+<para>For RFC-5114 DH groups, use the "dh" keyword, eg
+"aes256-sha1;dh23". These specific DH groups are extremely controversial
+and MUST NOT be used unless forced (administratively) by the other party.
+Support for these groups will most likely be removed in 2017, as it
+cannot be proven these DH groups do not have a cryptographic trapdoor
+embedded in them (a backdoor by the USG who gave us these primes without
+revealing the seeds and generation process) </para>
+
<para> The format for AH is AUTH followed by an optional PFSgroup. For
instance, "md5" or "sha1;modp1536".
</para>
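Review bot: The warning text added to the RFC-5114 paragraph here repeats, from "These specific DH groups" onward, the wording added to ike.xml in the same commit, so the two fragments have to be kept in sync by hand when support is actually dropped; consider a shared entity or a cross-reference from one man page section to the other. "Support for these groups will most likely be removed in 2017" is a dated prediction that will go stale in installed man pages, so tying it to a release or simply marking the groups as deprecated would age better. Style: "eg" differs from the "e.g." in the context line above, there is a trailing space before the closing para tag, and the sentence has no final period.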
