As a best practice, choose the strongest authentication
and encryption algorithms the peer can support. For the authentication
algorithm, use SHA-256 or higher (SHA-384 or higher preferred for
long-lived transactions). Do not use SHA-1, MD5 or none. For the
encryption algorithm, use AES; DES and 3DES are weak and vulnerable.