tech-crypto: Re: Adding opencrypto, crypto acceelerator to GENERIC kernels?

Subject: Re: Adding opencrypto, crypto acceelerator to GENERIC kernels?
To: Jonathan Stone <jonathan@DSG.Stanford.EDU>
From: Bill Sommerfeld <sommerfeld@netbsd.org>
List: tech-crypto
Date: 11/18/2003 23:29:24

i'll admit to a certain lack of familiarity with the /dev/crypto
interface, but doing software crypto in the kernel on behalf of
userspace makes absolutely no sense unless you're implementing
indirect keying with a trusted in-kernel keystore not accessible to
userland...

And a knob doesn't make sense for that because userland wouldn't have
access to the keys in the first place in that case..

						- Bill