Jon and Ian, unless I'm mistaken, I think you both don't understand the threat model.
The threat model is someone with temporary access to the encrypted storage device. This happens in many ways; in hotel rooms, when you leave home, if you host with an untrusted data center, if you pass through customs, with a remote storage cloud, etc.

I'd really like to see more block device kinds of layers, possibly one for authentication, one for crypto, one for erasure-coding... all presenting a block device on top, and using a block device on bottom. When you throw in LVM, dm-raid and so on, you can easily compose some awesomeness.

ZFS is neat; I keep hearing about it. When can I boot Linux from it? Anyway, I'd like authentication no matter what file system I use.

--
Effing the ineffable since 1997. | http://www.subspacefield.org/~travis/
My emails do not usually have attachments; it's a digital signature that your mail program doesn't understand.
If you are a spammer, please email [email protected] to get blacklisted.
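A sketch of the kind of authentication layer the message asks for, added here as an example and not code from the email or from any project: it presents a block device on top of another one and keeps an HMAC-SHA256 tag per sector in reserved tail sectors. `RamDisk`, `AuthLayer`, `rejects`, the on-disk layout and the key handling are assumptions made for illustration.

```python
import hashlib
import hmac

SECTOR, TAG = 512, 32          # bytes per sector, bytes per HMAC-SHA256 tag
PER = SECTOR // TAG            # tags that fit in one reserved sector

class IntegrityError(Exception):
    pass

class RamDisk:
    """Bottom layer: in-memory stand-in for a raw block device (assumption)."""
    def __init__(self, sectors):
        self.sectors, self.data = sectors, bytearray(sectors * SECTOR)
    def read(self, n):
        return bytes(self.data[n * SECTOR:(n + 1) * SECTOR])
    def write(self, n, buf):
        self.data[n * SECTOR:(n + 1) * SECTOR] = buf

class AuthLayer:
    """Block device on top, block device below; tags sit in reserved tail sectors."""
    def __init__(self, lower, key):
        self.lower, self.key = lower, key
        self.sectors = lower.sectors * PER // (PER + 1)   # usable data sectors
    def _tag(self, n, buf):
        # Binding the sector number stops a valid sector being moved elsewhere.
        return hmac.new(self.key, n.to_bytes(8, "big") + buf, hashlib.sha256).digest()
    def _slot(self, n):
        # (tag sector on the lower device, byte offset inside it) for data sector n
        return self.sectors + n // PER, (n % PER) * TAG
    def write(self, n, buf):
        if not 0 <= n < self.sectors or len(buf) != SECTOR:
            raise ValueError("bad sector number or size")
        ts, off = self._slot(n)
        tags = bytearray(self.lower.read(ts))
        tags[off:off + TAG] = self._tag(n, buf)
        self.lower.write(n, buf)
        self.lower.write(ts, bytes(tags))
    def read(self, n):
        if not 0 <= n < self.sectors:
            raise ValueError("bad sector number")
        ts, off = self._slot(n)
        buf = self.lower.read(n)
        stored = self.lower.read(ts)[off:off + TAG]
        if not hmac.compare_digest(stored, self._tag(n, buf)):
            raise IntegrityError(f"sector {n} failed authentication")
        return buf

def rejects(dev, n):
    """True if reading sector n through the layer fails authentication."""
    try:
        dev.read(n)
        return False
    except IntegrityError:
        return True
```

Per-sector tags catch modified or relocated sectors, but not a sector and its tag rolled back together to an earlier valid state; a sector that was never written through the layer also fails authentication.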
