On Thu, Jan 20, 2011 at 07:05:52AM -0800, Carl Cook wrote: > > Does BTRFS have subvolume encryption built in? If not, why?
Not at the moment. My opinion on why: Getting crypto right is *hard*. There are far easier features that people are asking for that we can implement first. There may be technical issues that make it hard to implement within btrfs, although being able to do compression is harder from a FS structure point of view, so I suspect that the issues are more about ensuring correctness of the crypto implementation (not just the basic symmetric algorithm, because we've got those in the kernel, but all the key management and block chaining and probably a bunch of things I don't know about because I'm not a cryptographer -- all of which makes a big difference to the security of the final system). Hugo. -- === Hugo Mills: hugo@... carfax.org.uk | darksatanic.net | lug.org.uk === PGP key: 515C238D from wwwkeys.eu.pgp.net or http://www.carfax.org.uk --- Once is happenstance; twice is coincidence; three times --- is enemy action.
signature.asc
Description: Digital signature
