I would like to encrypt my backups on disk, but am concerned that doing so relies on openssl and that may create problems down the line. Could anyone clarify if it will? What's the best thing to do (which might be avoiding encryption)?
I realize that 100% certainty is unlikely; I'll settle for less! Details: I use bacula on Debian, and it has disabled openssl support because of licensing problems (e.g., thread beginning http://lists.debian.org/debian-legal/2007/07/msg00144.html, also the "catch-22 thread" on this list in June). I am interested in encrypting backups. I don't actually care about encrypting communication on the wire, but from what I can tell either feature uses openssl. Does on-disk encryption depend on openssl? I thought I might build a version with openssl enabled, which I think is OK as long as I'm not trying to redistribute it. Is there a risk that at some time in the future I will find bacula doesn't work with openssl and will not be able to decrypt backups I create with openssl? Apparently some people have been working on getting bacula to work with GNUTLS, but Kern's plan is to relicense the sources so they can continue to work with openssl. (I'm a little surprised the latter is possible given that FSF is administering? holding? the license.). But it sounds as if a transition to TLS is possible, maybe done by downstream packagers (e.g., Debian). I don't know if GNUTLS is sufficiently compatible with openssl that it would still be possible to decrypt stuff created with openssl. Anyway, is there a way I can encrypt my backup files that will likely continue to work in the future? Thanks. Ross Boylan ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Bacula-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/bacula-devel
