RFC: backporting GEOM to the 4.x branch

Matthew Dillon dillon at apollo.backplane.com
Wed Mar 2 15:09:09 PST 2005


   I think there's a point where the argument becomes absurd, depending 
   on the actual use the encryption is put to.  A cryptographer must 
   deal with all possibilities.  The NSA might require that the data remain
   secure for a hundred years, a commercial enterprise might only care about
   20 years.  An individual, like me, might only care that a typical hacker
   can't do anything with the data.   A terrorist... well, you get the idea.

   Poul is clearly most interested in being able to destroy the encryption
   key quickly, making all the knowledge the person controlling the data
   has about passwords and such moot, and his focus is clearly not so much
   on the security of the passkey or even the security of the data prior
   to the destruction of the key as it is on the security of the data AFTER
   the destruction of the key.  That's the impression I get, anyhow.

   Personally speaking I have no problem making ultra encryption available
   to the general public, but I do believe (personally speaking) that the
   *default* should be something slightly less secure just so criminals
   and terrorists (at least the stupid ones, which is most or they wouldn't
   be criminals or terrorists), don't get an automatic boost from our work.

					-Matt
					Matthew Dillon 
					<dillon at xxxxxxxxxxxxx>





More information about the Kernel mailing list