2001-12-16 06:22:46

by Jon Peatfield

[permalink] [raw]
Subject: crypto api stuff

Having spent some time trying to decide which version of the crypto
api patch is best to apply to recent 2.4.x kernels I wondered if any
serious thought had been given to including this in the standard
kernel tree for 2.5 (and maybe some future 2.4 perhaps if it proves
stable in 2.5)?

I for one would like to take an off-the-shelf standard kernel and use
loopback to mount an encrypted file-system. Maybe then vendors would
start including this functionality.

[ I assume that the US laws on exporting crypto (which I seem to
remember got relaxed a while back) are no longer a significant
problem, or there wouldn't be things like openssl or openssh in common
distros. ]

--
Jon Peatfield, DAMTP, Computer Officer, University of Cambridge
Telephone: +44 1223 3 37852 Mail: [email protected]


2001-12-16 15:05:05

by Matthew M

[permalink] [raw]
Subject: Re: crypto api stuff

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sunday 16 December 2001 06:22, Jon Peatfield wrote:
> Having spent some time trying to decide which version of the crypto
> api patch is best to apply to recent 2.4.x kernels I wondered if any
> serious thought had been given to including this in the standard
> kernel tree for 2.5 (and maybe some future 2.4 perhaps if it proves
> stable in 2.5)?

AFAIK the crypto api is very broken... problems with block sizes and various
other niggles that make it unlikely to ever become a part of the kernel. Have
a look at:

http://mail.nl.linux.org/linux-crypto/2001-07/msg00181.html
http://mail.nl.linux.org/linux-crypto/2001-07/msg00189.html

*MatthewM*
- --

A closed mouth gathers no foot.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8HLfOzhSxTQTEoE0RAn7GAJ4th0B7oj4uvGjd8DBaUJ3303MCZwCfSr6I
oUvL/SL2x7mT5iiG6ybaWGI=
=xnOg
-----END PGP SIGNATURE-----