--- gvpe/doc/gvpe.5.pod 2004/06/11 15:56:12 1.1 +++ gvpe/doc/gvpe.5.pod 2004/10/12 11:54:33 1.2 @@ -94,7 +94,9 @@ This uses a 16 byte HMAC checksum to authenticate packets (I guess 8-12 would also be pretty secure ;) and will additionally prefix each packet -with 8 bytes of random data. +with 8 bytes of random data. In the long run, people should move to +SHA-224 and beyond, but support in openssl is missing as of writing this +document. In general, remember that AES-128 seems to be more secure and faster than AES-192 or AES-256, more randomness helps against sniffing and a longer