Hey all,
On the documentation of encryption restrictions and encryption/HAWC interplay...
The encryption documentation currently states:
"Secure storage uses encryption to make data unreadable to anyone who does not possess the necessary encryption keys...Only data, not metadata, is encrypted."
The HAWC restrictions include:
"Encrypted data is never stored in the recovery log..."
If this is unclear, I'm open to suggestions for improvements.
Cordially,
Jamie
----- Original message -----
From: [email protected]
Sent by: [email protected]
To: gpfsug main discussion list <[email protected]>
Cc:
Subject: Re: [gpfsug-discuss] GPFS, LTFS/EE and data-in-inode?
Date: Fri, Jul 21, 2017 6:24 PM
On Fri, 21 Jul 2017 22:04:32 -0000, Sven Oehme said:
> i talked with a few others to confirm this, but unfortunate this is a
> limitation of the code today (maybe not well documented which we will look
> into). Encryption only encrypts data blocks, it doesn't encrypt metadata.
> Hence, if encryption is enabled, we don't store data in the inode, because
> then it wouldn't be encrypted. For the same reason HAWC and encryption are
> incompatible.
I can live with that restriction if it's documented better, thanks...
attq4saq.dat
Type: application/pgp-signature
Name: attq4saq.dat_______________________________________________
gpfsug-discuss mailing list
gpfsug-discuss at spectrumscale.org
http://gpfsug.org/mailman/listinfo/gpfsug-discuss
attlisjw.dat
Description: Binary data
_______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss
