On Tue, Oct 28, 2014 at 13:31, Theo de Raadt wrote: >>> > Nick Holland wrote: >>> > >>> >> encrypted vnd is going away for 5.7. Suggeted by lists at srdn dot >>> >> de, thanks! >>> > >>> > I haven't been able to find this suggestion. Has a maintenance >>> > burdon arisen? Otherwise I would argue that it is more secure >>> > than softraid for small files. I am fairly sure that challenges to say >>> > it is insecure are founded on completely flawed grounds as they depend >>> > on irrelevent circumstances atleast those currently published that I >>> > am aware of. >>> >>> this has been communicated here: >>> http://marc.info/?l=openbsd-misc&m=140146687910205&w=1 >> >>The conclusion I took from that thread was that it was not going to >>actually be removed? I took it to mean simply adding a strong >>indication to users whenever used to use softraid which is better in >>most cases. I totally agree with the warning but would prefer to still >>have it around, if it's no problem. >> >>Would the word deprecated/superseded in 5.7 be more accurate on >>upgrade56.html or is it actually being removed? >> >>http://marc.info/?l=openbsd-misc&m=140147517513716&w=1 > > I disagree with the crypto vnd code leaving the tree. It is a > simple reliable framework. The wording seemed too strong.
There were some unexpected hiccups in the migration strategy that could not be overcome by royal decree alone. :( I've updated the warning to be a simpler suggestion.
