Subject: Re: Encrypted compressed vnds
To: Stephen Borrill <netbsd@precedence.co.uk>
From: Bill Studenmund <wrstuden@netbsd.org>
List: tech-kern
Date: 08/07/2006 20:38:49

On Mon, Aug 07, 2006 at 10:29:49AM +0100, Stephen Borrill wrote:
> You may remember a discussion about encryption of compressed vnds that I
> started: http://mail-index.netbsd.org/tech-kern/2006/06/23/0011.html
> No simple effective solution was proposed (compressing a cgd-on-vnd isn't
> going to give good compression), so I've decided to go with my original
> plan and implement DES encryption in the compression part of the vnd
> driver.

I think this is a bad idea, for similar reasons to the ones others have
raised. I agree that it's better to compress before encrypting, but vnd
isn't the place.

I think this is a bad idea for two clear reasons. The first is that adding
a compressing layer, which'd be stacked above the cgd layer, is a clean,
extensible architecture.

The second one is that we have already had issues with cgd's design, which
we have fixed. The point is that doing crypto right isn't easy. One
algorithm won't cut it. Today, someone will need more security and someone
else will need more performance. And as time goes by, algorithms that are
fine now will be considered inappropriate and later they will be
considered insecure.

To really do this nearly-right, you'll have to reimplement cgd. That's not
a good idea. A compression stacking layer sounds like a much more useful
item.

Take care,

Bill

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (NetBSD)

iD8DBQFE2AdJWz+3JHUci9cRAs+PAJ9EJdgeDLej5dVJTWBCyTvOOPwOYQCeJxTB
JgeZut/lEyqHFas+PKpC/vI=
=6fzF
-----END PGP SIGNATURE-----

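The claim both sides of the thread agree on, that a cgd-on-vnd (encrypt, then compress) gives no useful compression while compress-then-encrypt does, can be checked directly. The following is an added example, not code from this thread, from cgd or from the vnd driver. It assumes a stand-in stream cipher built from SHA-256 in counter mode, chosen only because its output has the incompressible look of any good cipher's ciphertext; it is not cgd's algorithm and not intended for real use. The 64 KiB block size and the sample "disk contents" are constructed for the illustration.

```python
"""Compress-then-encrypt versus encrypt-then-compress on one disk block.

Added example for the tech-kern thread above; nothing here is cgd or vnd
code.  The cipher is a hypothetical SHA-256 counter-mode keystream used
only to produce realistic-looking ciphertext.
"""
import hashlib
import zlib

BLOCK = 64 * 1024  # hypothetical vnd block size for the demo (64 KiB)


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Pseudo-random keystream: concatenated SHA-256(key || nonce || ctr).

    Stand-in for a real cipher; its only property that matters here is that
    the output is indistinguishable from random bytes, hence incompressible.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR the data with the keystream (symmetric: decrypt == encrypt)."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))


decrypt = encrypt


def sample_block() -> bytes:
    """Constructed, highly compressible block: a repeated config-style line."""
    line = b"# constructed rc.conf-like text: hostname=testbox rc_configured=YES\n"
    return (line * (BLOCK // len(line) + 1))[:BLOCK]


def compress_then_encrypt(key: bytes, nonce: bytes, block: bytes) -> bytes:
    """Order a compression layer stacked above cgd would give."""
    return encrypt(key, nonce, zlib.compress(block, 9))


def encrypt_then_compress(key: bytes, nonce: bytes, block: bytes) -> bytes:
    """Order a compressing vnd backed by a cgd device would give."""
    return zlib.compress(encrypt(key, nonce, block), 9)


def stored_ratio(key: bytes, nonce: bytes, block: bytes):
    """Return (compress->encrypt ratio, encrypt->compress ratio) as
    stored_bytes / plaintext_bytes for the given block."""
    a = compress_then_encrypt(key, nonce, block)
    b = encrypt_then_compress(key, nonce, block)
    # Round trip through the compress-then-encrypt path must restore the block.
    assert zlib.decompress(decrypt(key, nonce, a)) == block
    return len(a) / len(block), len(b) / len(block)


def demo():
    key = b"\x01" * 32   # fixed demo key, not a real secret
    nonce = b"\x00" * 8  # fixed demo nonce
    return stored_ratio(key, nonce, sample_block())


if __name__ == "__main__":
    ce, ec = demo()
    print(f"compress then encrypt: {ce:.4f} of original size")
    print(f"encrypt then compress: {ec:.4f} of original size")
```

With the repetitive sample block, compress-then-encrypt stores well under 5% of the plaintext size, while encrypt-then-compress stores slightly more than 100% (zlib adds framing to data it cannot shrink). That is the "compressing a cgd-on-vnd isn't going to give good compression" observation in numbers, and it is why the compression has to sit above, not below, the cipher. Note that any compress-then-encrypt stack, this one included, produces ciphertext whose length reflects how compressible the plaintext was; the thread does not discuss that, but it is a property to keep in mind when choosing the layering.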