From owner-freebsd-hackers  Wed Sep 25 21:54:49 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 90D9537B401
	for <hackers@FreeBSD.ORG>; Wed, 25 Sep 2002 21:54:48 -0700 (PDT)
Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D258243E65
	for <hackers@FreeBSD.ORG>; Wed, 25 Sep 2002 21:54:47 -0700 (PDT)
	(envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
	by critter.freebsd.dk (8.12.6/8.12.6) with ESMTP id g8Q4sZ4v033015;
	Thu, 26 Sep 2002 06:54:35 +0200 (CEST)
	(envelope-from phk@critter.freebsd.dk)
To: "Daniel O'Connor" <doconnor@gsoft.com.au>
Cc: James Gritton <gritton@iserver.com>, hackers@FreeBSD.ORG
Subject: Re: The poor man's cryptfs 
In-Reply-To: Your message of "26 Sep 2002 14:20:29 +0930."
             <1033015832.22320.41.camel@chowder.gsoft.com.au> 
Date: Thu, 26 Sep 2002 06:54:35 +0200
Message-ID: <33014.1033016075@critter.freebsd.dk>
From: Poul-Henning Kamp <phk@critter.freebsd.dk>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

In message <1033015832.22320.41.camel@chowder.gsoft.com.au>, "Daniel O'Connor" 
writes:
>On Thu, 2002-09-26 at 14:18, Poul-Henning Kamp wrote:
>> >Have you seen ports/security/vncrypt?
>> 
>> Or src/sys/geom/geom_aes ?
>
>Whoo :)
>
>> I have what I hope is industry-strenght encryption in my development
>> tree with only a few more issues to straigten out before it hits -current.
>
>MFC? 8-)

No way ever.

>Sounds pretty useful..
>How does key management work? (or will work)

The focus is on protecting a the physical disk, a good shot will be
taken at not compromising keys in RAM, but protecting those is not
in the scope.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message