
Track and show which algorithms are considered (still) secure, which insecure / weak #26

Open
fingolfin opened this issue Oct 30, 2015 · 3 comments

Comments

@fingolfin
Owner

This ties in with issue #8, but this information should not just be displayed when clicking on a protocol; rather, it should also be visible in the global comparison page. Say, by allowing users to only show secure protocols.

@fingolfin
Owner Author

Some notes on known weaknesses (of course, all of these should also be justified, ideally with references):

  • all *-96 hmac are insecure
  • anything based on md5 is insecure
  • anything based on sha1 is suspect, possibly insecure
  • "none" is of course insecure
  • ssh-dsa is insecure (?)
  • arcfour* is insecure
  • rijndael* is a deprecated synonym for AES
  • -cbc mode is less secure than -ctr
  • ...
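The "only show secure protocols" filter this issue asks for, as an added example that is not code from this project: it encodes the rule-of-thumb list above as name-based rules over SSH algorithm identifiers, records every rule a name triggers, and reports the most severe rating. The sample algorithm list, the reason strings and the severity ranking are constructed for the example; the issue writes "ssh-dsa", and the rule also accepts the wire name "ssh-dss" (an assumption noted in the code).

```python
import re

# Rule-of-thumb classification transcribed from the list in this issue.
# Every rule that matches a name is recorded; the most severe rating wins.
# Patterns are applied to the SSH wire name (e.g. "hmac-sha1-96", "aes256-cbc").
# The reason strings are constructed summaries, not text from any standard.
RULES = [
    (r"^none$",              "insecure",   "no cryptography at all"),
    (r"^hmac-.*-96(-|@|$)",  "insecure",   "truncated 96-bit MAC tag"),
    (r"md5",                 "insecure",   "based on MD5"),
    (r"^arcfour",            "insecure",   "RC4 stream cipher"),
    # The issue writes "ssh-dsa"; the wire name for DSA keys is "ssh-dss",
    # so both spellings are accepted here (assumption).
    (r"^ssh-ds[as]$",        "insecure",   "DSA keys (listed with a '?' in the issue)"),
    (r"sha1",                "suspect",    "based on SHA-1"),
    (r"-cbc(-|@|$)",         "suspect",    "CBC mode, weaker than CTR"),
    (r"^rijndael",           "deprecated", "deprecated synonym for AES"),
]

# Constructed severity ranking used to pick the worst matching rule.
SEVERITY = {"ok": 0, "deprecated": 1, "suspect": 2, "insecure": 3}


def classify(name):
    """Return (rating, reasons) for one algorithm name.

    rating is "ok" when no rule matches; otherwise the most severe rating among
    the matching rules, with the reasons of every matching rule in rule order.
    """
    hits = [(rating, why) for pattern, rating, why in RULES if re.search(pattern, name)]
    if not hits:
        return "ok", []
    worst = max(hits, key=lambda hit: SEVERITY[hit[0]])[0]
    return worst, [why for _, why in hits]


def filter_secure(names):
    """The 'only show secure protocols' view: names that trigger no rule."""
    return [n for n in names if classify(n)[0] == "ok"]


def report(names):
    """Map every name to its (rating, reasons) pair, for a comparison table."""
    return {n: classify(n) for n in names}


# Constructed sample: an algorithm list such as a server might advertise.
SAMPLE_ALGORITHMS = [
    "hmac-sha2-256", "hmac-sha1", "hmac-md5-96", "hmac-sha1-96", "none",
    "aes128-ctr", "aes256-cbc", "arcfour256", "rijndael-cbc@lysator.liu.se",
    "ssh-dss", "ssh-ed25519",
]

if __name__ == "__main__":
    for name, (rating, reasons) in report(SAMPLE_ALGORITHMS).items():
        print(f"{name:30} {rating:10} {'; '.join(reasons)}")
    print("secure only:", filter_secure(SAMPLE_ALGORITHMS))
```

Collecting all matching rules rather than stopping at the first keeps the explanation complete: "hmac-md5-96" is flagged both for its truncated tag and for MD5, which is what a comparison page should show next to the rating. A name-based filter has a blind spot worth remembering: it cannot see that "ssh-rsa" signatures are defined over SHA-1, since the digest is not part of the name, so a rule for that case has to be keyed on the algorithm's definition rather than on a substring. The references the first comment asks for as justification are not supplied by this example either; it only encodes the list as written.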

@diaxen

diaxen commented Dec 21, 2020

There is a common misbelief that md5 and sha1 based hmac algorithms are not secure. However, the collision resistance of the hash function is not required to make the hmac construction secure. Proof: https://link.springer.com/chapter/10.1007/11818175_36

@fingolfin
Owner Author

Nevertheless, consensus in the secsh community is clear: any methods involving md5 and sha1 are considered insecure / weak, which is what this issue is about.
