[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Some comments on partman-crypto templates

On Monday 01 May 2006 16:30, Max Vozeler wrote:
> David and I have already been discussing this point and agreed to
> default to the recommende IV algorithm in all cases. For this
> particular choice (and probably also the hash algorithm), we've
> considered to change the priority of the question so that it would not
> be shown in default installs but only in expert mode. I'm not sure if
> this can be accomplished by simply changing the priority, will need to
> check. So normal users shouldn't need to see this template at all.

Yes, should be no problem if a good default is set.
However, adding some explanation is still good as loads of people install 
in expert mode (leftover from MS installs where "expert" used to be the 
only way to set up a system to your needs; nowadays of course even expert 
mode does not allow you to do that).

>   Different algorithms exist to derive the IV (Initialization vector)
>   for each sector. This choice is consequential for the security of the
>   encryption and there is usually no reason to change this from the
>   recommended default, except for compatibility with older systems.

s/Initialization vector/initialization vector/ (or both capitalized)
s/is consequential for/influences/
s/ and there is usually/. Normally there is/

>   The encryption key is derived from the passphrase by applying a
>   one-way hash function to it. There is usually no reason to change
>   this from the recommended default and doing so in the wrong way
>   can lead to lower-security encryption.

s/There is usually/Normally there is/
s/lead to lower-security encryption/reduce the security of the encryption/

Attachment: pgphxf_27miQs.pgp
Description: PGP signature

Reply to: