RFC: backporting GEOM to the 4.x branch
dillon at apollo.backplane.com
Wed Mar 2 15:09:09 PST 2005
I think there's a point where the argument becomes absurd, depending
on the actual use the encryption is put to. A cryptographer must
deal with all possibilities. The NSA might require that the data remain
secure for a hundred years, a commercial enterprise might only care about
20 years. An individual, like me, might only care that a typical hacker
can't do anything with the data. A terrorist... well, you get the idea.
Poul is clearly most interested in being able to destroy the encryption
key quickly, making all the knowledge the person controlling the data
has about passwords and such moot, and his focus is clearly not so much
on the security of the passkey or even the security of the data prior
to the destruction of the key as it is on the security of the data AFTER
the destruction of the key. That's the impression I get, anyhow.
Personally speaking I have no problem making ultra encryption available
to the general public, but I do believe (personally speaking) that the
*default* should be something slightly less secure just so criminals
and terrorists (at least the stupid ones, which is most or they wouldn't
be criminals or terrorists), don't get an automatic boost from our work.
<dillon at xxxxxxxxxxxxx>
More information about the Kernel