Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 19 Oct 2015 01:29:36 +0200
From:      "Julian H. Stacey" <jhs@berklix.com>
To:        Yonas Yanfa <yonas@fizk.net>
Cc:        freebsd-current@freebsd.org
Subject:   Re: Depreciate and remove gbde
Message-ID:  <201510182329.t9INTarc018248@fire.js.berklix.net>
In-Reply-To: Your message "Sun, 18 Oct 2015 06:36:19 -0400." <56237623.5010702@fizk.net>

next in thread | previous in thread | raw e-mail | index | archive | help

Yonas Yanfa wrote:
> Hi,
> 
> It seems geli is the standard way of encrypting disks. It's extremely 
> flexible and usually recommended by the community over gbde. Moreover, 
> geli is mentioned a lot more in the mailing lists and forums.

& global community uses DOS-FS more, & mentions MS more than BSD. ;-)
Popularity is not sole index of what everyone should be constrained to use.


> gbde's man page explicitly says that gbde is experimental and should be 
> considered suspect.

Just an old cautious initial description, that I recall long predates geli.


> That seems reason enough to finally depreciate and 
> remove it in favour of geli.

No, very naieve.  No need to remove gbde & disrupt existing users.
Perhaps a reason to re-balance cautious description in both.


> The Encrypting Disk Partitions page in the Handbook discusses gbde 
> first, and describes geli as an alternative. This seems odd, shouldn't 
> this be the other way around?

It was written in historical order.


> Is there any objection to removing gbde?

Yes.  Daft to disrupt users.


> How many people use gbde?

Not so useful to ask on Current@ which tends to use the latest tools
eg geli; try hackers@ or questions@ etc, realise usage of BSD does
not require registration or membership of Any BSD mail list or
forum. Usage of GBDE more so.  Gbde could well be essential on
production servers, but unless admins are also programmers on
current@, they won't even see your idea to remove gdbe.


> When 
> have you used gbde over geli, and why?

Gbde came first, some won't have needed more or wasted time to learn an
alternate they did not need.  Others may have reasons they may not publish.

Without analysis, deprecating gbde is not sensible, & removal worse.
Please research & contribute a handbook section, with URLs & text
comparing gbde & geli (& other crypt FS in ports/ ?), including eg:

- Processor & IO load of both, 
- Crack testing of both if any, 
- History of code review & quality of both. etc
- Patent liabilities of either ? licensing ?
- Compatability of both with other OSs if any,
- Any possiblities for standards approvals of either by any bodies (that
  usually requires funding, so with 2 maybe more chance of 1 being funded ?)

Cheers,
Julian
--
Julian Stacey,  BSD Linux Unix Sys. Eng. Consultant Munich http://berklix.com
 Reply After previous text to preserve context, as in a play script.
 Indent previous text with > 		Insert new lines before 80 chars.
 Use plain text, Not quoted-printable, Not HTML, Not base64, Not MS.doc.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201510182329.t9INTarc018248>