Received: by 10.223.176.46 with SMTP id f43csp760108wra; Fri, 19 Jan 2018 01:18:10 -0800 (PST) X-Google-Smtp-Source: ACJfBoud4yI/Y/zmf+i9nS+cSdkqxnd1lI45STAkFrQ79zTTpDzVkpk0NJIi8U5LH6T2wjs1D8f8 X-Received: by 2002:a17:902:b2c7:: with SMTP id x7-v6mr1225562plw.94.1516353490400; Fri, 19 Jan 2018 01:18:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516353490; cv=none; d=google.com; s=arc-20160816; b=pRxzlUW040dNFd6GpsFzxvsLcCJpJHNdIceftPJZ25h1v/+D3xsIHY1bna2CB49eP6 bMCnTnEpk89staDvEnhuAPk4M6vO3OZr7KE+W95I4UPURtWIlmsYBZBH3tCu2wSMwm6R WTB/NFpXae8Qwecsz52EI3moplR+QB1QBIGCOKYl0Lc33qFiaeu477pFNyQrwtdKrcrO Gs6UWAtyAWL2EElnvpFUBrtRnP8A2E9ry/KOebOMnkHCT0HQ131jdZxChCHzlhfoTSSi XfAYrWUtRpG7r/TMOYW8iPl8QswafQoXjps6Wv9pdXMuLSIFVrh7/iRVmmDqX5YgeB1M VRcw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:date:cc:to:from:subject:message-id :arc-authentication-results; bh=Y/vobrvF4pkIGw05AQh5dcpUR/X4Vd3TmrW4/D83sNw=; b=WPrX9rY+WSuoHMSw7v5kjmU02yW+2mxqBXdvNTxTPQIit0V7g2pGHZEzNJkTPdFGv5 jST9Fmfa3fjAToIQQb0KkcL9VEZ/4/6QPRIHlq59n5Fxo5Kx5nI1ivFk51kGcG0jpWv7 UwG7c51sPiVyj+QpbST0ic+FvUcwsJPpXthSXRK1XsQJaihP1OznOcdhoHeqN7j5khE1 OHaPyCo8wxWUF5JJnDWXchaWVosfDb2ZTdEkJ19OuU7pNOVkaOmy2blRknHyo4SSAB3f P58WVNVjt6mGo4glgcCJQ/rijts2w+W4kteEjbJWzKzNR8FKv4qhkNzUXkQwMpcq4KG8 VgPg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k187si7959510pge.377.2018.01.19.01.17.56; Fri, 19 Jan 2018 01:18:10 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754927AbeASJRI (ORCPT + 99 others); Fri, 19 Jan 2018 04:17:08 -0500 Received: from mail-wm0-f67.google.com ([74.125.82.67]:38661 "EHLO mail-wm0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750923AbeASJQ6 (ORCPT ); Fri, 19 Jan 2018 04:16:58 -0500 Received: by mail-wm0-f67.google.com with SMTP id 141so2051195wme.3; Fri, 19 Jan 2018 01:16:56 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:subject:from:to:cc:date:in-reply-to :references:mime-version:content-transfer-encoding; bh=Y/vobrvF4pkIGw05AQh5dcpUR/X4Vd3TmrW4/D83sNw=; b=pXMdmb7IppMiOD3qVkmm/sz4VNOAFMrOYUmIXYUiX6n6MaXOITaihzBCHcTzm0/Y8Y /mg6Dg/pDF8nOBsYSDslxcef2SOEfA8q4uQOo2kflKRq2goThnp/2MGoq5g6b650QbwM UWxx0JIe2tNBAMzZejhFccQ4JDRcvVgOsXThaxNpC2fUkYVeqE01AItrESeXdyMM2k+c TosMzYJNjzdUb+AOHLOhhd56tZ/7yEGKGQlhn9HPqWWzDqYF9mSJdGc7YZNOdWNA7Oyi s03ZN7RnysdJ/a0t1OyaEx1sOGGq8wBwmI/pkHfzIpDixbwT1bqxsvs7sMRp+pa3RUDK FcJA== X-Gm-Message-State: AKwxytemPzx1Cbw6YaPKHXGFKTnps77lRMb5XBGMgZL8+I49b53BEpLu FBr/fierd0qDkuhm5ReC/xA= X-Received: by 10.80.172.47 with SMTP id v44mr11568301edc.130.1516353416242; Fri, 19 Jan 2018 01:16:56 -0800 (PST) Received: from tfsielt31850 ([77.107.218.170]) by smtp.gmail.com with ESMTPSA id b27sm6240091edc.28.2018.01.19.01.16.54 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 19 Jan 2018 01:16:55 -0800 (PST) Message-ID: <1516353413.28972.119.camel@andred.net> Subject: Re: [PATCH 3/3] encrypted-keys: document new fscrypt key format From: =?ISO-8859-1?Q?Andr=E9?= Draszik To: Theodore Ts'o Cc: Eric Biggers , linux-kernel@vger.kernel.org, Mimi Zohar , David Howells , James Morris , "Serge E. Hallyn" , Jaegeuk Kim , Jonathan Corbet , Kees Cook , linux-integrity@vger.kernel.org, keyrings@vger.kernel.org, linux-security-module@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-doc@vger.kernel.org Date: Fri, 19 Jan 2018 09:16:53 +0000 In-Reply-To: <20180117180537.GB6948@thunk.org> References: <20180110124418.24385-1-git@andred.net> <20180110124418.24385-3-git@andred.net> <20180111044801.GB943@zzz.localdomain> <1516199939.28972.101.camel@andred.net> <20180117180537.GB6948@thunk.org> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.26.2-1 Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Thank you Ted, On Wed, 2018-01-17 at 13:05 -0500, Theodore Ts'o wrote: > On Wed, Jan 17, 2018 at 02:38:59PM +0000, André Draszik wrote: > > > > [...] > > > > > > Please be very clear about exactly what security properties are > > > achieved > > > by > > > using encrypted-keys. > > > > I've left out all of this in the updated documentation, as any such > > information should probably be in Documentation/security/keys/trusted- > > encrypted.rst in the first place. > > Where is this document going to be found / when will it be written? > It seems really odd to be requesting a do code review when the > specifications aren't available and/or haven't been written yet. I > prefer to review the *design* first, as opposed to trying to both > review the code and try to guess at the design and review my guess of > the design at the same time.... Does v3's commit message https://patchwork.kernel.org/patch/10173189/ serve as a good enough design document? Cheers, Andre'