[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Nbd] what about...

>>>>> "Wouter" == Wouter Verhelst <w@...112...> writes:
    Wouter> For similar reasons, I don't believe in adding an encryption
    Wouter> option to the protocol, either -- though the reasoning there
    Wouter> is slightly different (there are some use cases that could
    Wouter> be valid for encryption, like a replay attack, that you
    Wouter> can't "fix" with dm-crypt or similar; but there are other
    Wouter> ways of implementing that without having to change the NBD
    Wouter> protocol).

    Wouter> Having said all that, while I'm not going to implement it
    Wouter> myself, if someone were to come up with a working patch
    Wouter> that'd be easy to support going forward, I wouldn't oppose
    Wouter> it...

More to the point: if you want encryption tunnel it over sslwrap,
or use IPsec.    If it's a storage LAN, I don't want the overhead.

-- 
]       He who is tired of Weird Al is tired of life!           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@...943... http://www.sandelman.ottawa.on.ca/ |device driver[
   Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
	               then sign the petition.
Reply to: