It would be relatively easy to provide a mode (even per dataset) where file content is encrypted but all file and ZFS metadata (ACLs, filename, permissions etc) are in the clear. In this case a mount of the filesystem would succeed even if the key isn't present but the key would be needed to read the data.
However I can't find a useful real world case where this would be deployed. In fact quite the opposite filenames and directory structure are often just as sensitive as the file content so really should be encrypted. Does anyone have a use case for clear text filenames and metadata but filesystem encrypted content ? -- Darren J Moffat
