Bug#726448: closed by Christian Perrier <bubulle@debian.org> (Bug#726448: fixed in partman-crypto 66)

To: 726448@bugs.debian.org
Subject: Bug#726448: closed by Christian Perrier <bubulle@debian.org> (Bug#726448: fixed in partman-crypto 66)
From: Thiemo Nagel <thiemo.nagel@gmail.com>
Date: Sun, 10 Nov 2013 17:58:00 +0100
Message-id: <[🔎] CAOGcq_5giatYUG0pSb84wAMRr8nLSiaijKJGK=BE=-=Zikf7Dg@mail.gmail.com>
Reply-to: Thiemo Nagel <thiemo.nagel@gmail.com>, 726448@bugs.debian.org
In-reply-to: <handler.726448.D726448.138401081323813.notifdone@bugs.debian.org>
References: <E1VfAR1-0001mV-Nt@franck.debian.org> <20131015193808.16932.74457.reportbug@kiste> <handler.726448.D726448.138401081323813.notifdone@bugs.debian.org>

Dear Christian,

thank you for uploading my patches!

> Changes:
>  partman-crypto (66) unstable; urgency=low
>  .
>    [ Thiemo Nagel ]
>    * Use the same security setting for wiping existing volumes
>      than previous settings, when the volume was already encrypted.
>      Closes: #726448

I'm sorry, but I believe that this does not describe the nature of the
changes very well. It is not about wiping existing volumes but about
wiping the device (with random data) on which a new crypto volume is
to be created as to obscure future write patterns to the new crypto
volume. (I don't want to exclude that it might affect the wiping of
existing volumes, but I believe that this is irrelevant.)

I'd rather suggest something along the lines of:

"Protect meta-information (including eg. the amount of free space)
with the same crypto algorithm and the same key size as are used for
the volume's content."

Cheers,
Thiemo

Reply to:

Prev by Date: user-setup_1.53_i386.changes ACCEPTED into unstable
Next by Date: Processing of yaboot-installer_1.1.30_powerpc.changes
Previous by thread: user-setup_1.53_i386.changes ACCEPTED into unstable
Next by thread: Processing of yaboot-installer_1.1.30_powerpc.changes
Index(es):
- Date
- Thread