On Thu, May 25, 2017 at 11:38:44AM +0100, Duncan Thomas wrote:
> On 25 May 2017 at 11:00, Lee Yarwood <[email protected]> wrote:
> > This has also reminded me that the plain (dm-crypt) format really needs
> > to be deprecated this cycle. I posted to the dev and ops ML [2] last
> > year about this but received no feedback. Assuming there are no last
> > minute objections I'm going to move forward with deprecating this format
> > in os-brick this cycle.
>
> What is the reasoning for this? There are plenty of people using it, and
> you're going to break them going forward if you remove it.
It has bad security management characteristics because the passphrase is
directly used to create the encryption key. Thus there's no way to update
the passphrase without re-encrypting all data in the device. If your
passphrase is compromised all data is compromised until you can do such
re-encryption, or you have to shred all copies of it, including any
backups. If you want to do the encryption in-place your VMs have to be
taken offline too.

Regards,
Daniel

--
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: [email protected]?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
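The rotation problem described above, as an added example that is not from the thread, from os-brick or from cryptsetup: a plain-mode data key derived straight from the passphrase, beside a simplified LUKS-style key slot in which a random master key is wrapped under a passphrase-derived key, so that a passphrase change only re-wraps the master key and the encrypted data is untouched. The hash choice, the scrypt parameters, the XOR-with-KDF-pad wrapping and the HMAC tag are this example's own simplifications and not the real on-disk formats.

```python
import hashlib
import hmac
import os
from typing import Optional

MASTER_KEY_LEN = 32  # data-encryption key size (constructed for this example)


def plain_mode_key(passphrase: bytes) -> bytes:
    # Plain dm-crypt model: the data key is a hash of the passphrase and
    # nothing else. A new passphrase means a new data key, so every sector
    # must be decrypted with the old key and re-encrypted with the new one.
    return hashlib.sha256(passphrase).digest()


def kek_from_passphrase(passphrase: bytes, salt: bytes) -> bytes:
    # Key-encryption key from a memory-hard KDF; parameters are illustrative.
    # 64 bytes: first half wraps the master key, second half keys the HMAC.
    return hashlib.scrypt(passphrase, salt=salt, n=2 ** 14, r=8, p=1, dklen=64)


def wrap_master_key(master: bytes, passphrase: bytes) -> dict:
    # LUKS-style key slot: the random master key (which encrypts the data)
    # is stored wrapped under the passphrase-derived KEK. A fresh salt per
    # wrap means the XOR pad is never reused.
    salt = os.urandom(16)
    kek = kek_from_passphrase(passphrase, salt)
    wrapped = bytes(a ^ b for a, b in zip(master, kek[:MASTER_KEY_LEN]))
    tag = hmac.new(kek[MASTER_KEY_LEN:], salt + wrapped, "sha256").digest()
    return {"salt": salt, "wrapped": wrapped, "tag": tag}


def unwrap_master_key(slot: dict, passphrase: bytes) -> Optional[bytes]:
    kek = kek_from_passphrase(passphrase, slot["salt"])
    expected = hmac.new(kek[MASTER_KEY_LEN:], slot["salt"] + slot["wrapped"], "sha256").digest()
    if not hmac.compare_digest(expected, slot["tag"]):
        return None  # wrong passphrase or tampered slot
    return bytes(a ^ b for a, b in zip(slot["wrapped"], kek[:MASTER_KEY_LEN]))


def rotate_passphrase(slot: dict, old: bytes, new: bytes) -> Optional[dict]:
    # Re-wrap the unchanged master key; no encrypted data is read or written.
    master = unwrap_master_key(slot, old)
    return None if master is None else wrap_master_key(master, new)


def demo() -> bool:
    master = os.urandom(MASTER_KEY_LEN)
    slot = wrap_master_key(master, b"first-passphrase")
    slot2 = rotate_passphrase(slot, b"first-passphrase", b"second-passphrase")
    return (slot2 is not None
            and unwrap_master_key(slot2, b"second-passphrase") == master  # data key unchanged
            and unwrap_master_key(slot2, b"first-passphrase") is None     # old passphrase revoked
            and plain_mode_key(b"first-passphrase") != plain_mode_key(b"second-passphrase"))
```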
