Re: [Nbd] what about...
- To: nbd-general@lists.sourceforge.net
- Subject: Re: [Nbd] what about...
- From: Michael Richardson <mcr@...942...>
- Date: Fri, 23 Sep 2011 20:25:28 -0400
- Message-id: <24274.1316823928@...944...>
- In-reply-to: <20110923132111.GA2171@...3...>
- References: <CAFDOyVCgxwOhtuStd+qfPUDNz2JM-o+PqPw2icSDjkXMbJAb8Q@...18...> <20110923132111.GA2171@...3...>
>>>>> "Wouter" == Wouter Verhelst <w@...112...> writes:
Wouter> For similar reasons, I don't believe in adding an encryption
Wouter> option to the protocol, either -- though the reasoning there
Wouter> is slightly different (there are some use cases that could
Wouter> be valid for encryption, like a replay attack, that you
Wouter> can't "fix" with dm-crypt or similar; but there are other
Wouter> ways of implementing that without having to change the NBD
Wouter> protocol).
Wouter> Having said all that, while I'm not going to implement it
Wouter> myself, if someone were to come up with a working patch
Wouter> that'd be easy to support going forward, I wouldn't oppose
Wouter> it...
More to the point: if you want encryption tunnel it over sslwrap,
or use IPsec. If it's a storage LAN, I don't want the overhead.
--
] He who is tired of Weird Al is tired of life! | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@...943... http://www.sandelman.ottawa.on.ca/ |device driver[
Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
then sign the petition.
Reply to: