On Sun, 9 Jun 2013, Pawel Jakub Dawidek wrote:
On Sat, Jun 08, 2013 at 03:02:10PM +0300, Andrew Romero wrote:
> Hi all
> I made a patch to support of external header (metadata) on GEOM ELI (geli)
>
> System: FreeBSD 9-STABLE r250964 i386
>
> geli patch - http://pastebin.com/UGpnMN19
> regresion patch - http://pastebin.com/hJVkTpJZ
I don't mean to discourage you, but every additional complexity comes at
risk and it case of GELI this is security risk. What is missing in your
work is explanation how it that useful for the users? How do you use it?
First I need to understand and be convinced that this functionality is
generally useful and thus is worth additional complexity and risk.
I can't speak for Mr Romero, but I imagine what he's after is plausible
deniability. The GELI metadata on a volume unambiguously declares it to
be encrypted data.
Properly implemented, I think this could be a worthwhile enhancement for
certain applications or circumstances where one may not wish to invite
further scrutiny.
--
Greg Rivers
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-geom
To unsubscribe, send any mail to "[email protected]"
