I suppose the distinction between data, metadata and data IN metadata could be made. Whilst it is clear to me (us) now, perhaps the thought was that the data would be encrypted even if it was stored inside the metadata.
My two pence. Richard From: [email protected] [mailto:[email protected]] On Behalf Of James Davis Sent: 24 July 2017 15:45 To: [email protected] Subject: Re: [gpfsug-discuss] GPFS, LTFS/EE and data-in-inode? Hey all, On the documentation of encryption restrictions and encryption/HAWC interplay... The encryption documentation currently states: "Secure storage uses encryption to make data unreadable to anyone who does not possess the necessary encryption keys...Only data, not metadata, is encrypted." The HAWC restrictions include: "Encrypted data is never stored in the recovery log..." If this is unclear, I'm open to suggestions for improvements. Cordially, Jamie ----- Original message ----- From: [email protected]<mailto:[email protected]> Sent by: [email protected]<mailto:[email protected]> To: gpfsug main discussion list <[email protected]<mailto:[email protected]>> Cc: Subject: Re: [gpfsug-discuss] GPFS, LTFS/EE and data-in-inode? Date: Fri, Jul 21, 2017 6:24 PM On Fri, 21 Jul 2017 22:04:32 -0000, Sven Oehme said: > i talked with a few others to confirm this, but unfortunate this is a > limitation of the code today (maybe not well documented which we will look > into). Encryption only encrypts data blocks, it doesn't encrypt metadata. > Hence, if encryption is enabled, we don't store data in the inode, because > then it wouldn't be encrypted. For the same reason HAWC and encryption are > incompatible. I can live with that restriction if it's documented better, thanks... [Document Icon]attq4saq.dat<https://mail.notes.na.collabserv.com/livemail/0/82a99bcc9635f22a6009b956b15655c7/Body/M1.2/attq4saq.dat?OpenElement> Type: application/pgp-signature Name: attq4saq.dat _______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss
_______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss
