Ranting about OCF / crypto(9)
John-Mark Gurney
jmg at funkthat.com
Mon Jan 15 00:08:37 UTC 2018
John Baldwin wrote this message on Thu, Jan 11, 2018 at 09:41 -0800:
> > > - Simple compression / decompression requests. While this isn't
> > > "crypto", per se, I do think it is probably still simpler to
> > > manage this via OCF than a completely separate interface.
> >
> > Probably, though perhaps less so after the removal of arbitrary
> > stacking depths. And mixing compression with encryption has its own
> > risks, of course.
>
> I probably think you wouldn't mix but would either do compression, auth,
> hash, or auth+enc. NetBSD's /dev/crypto does support stacking
> compression + auth + enc in a single ioctl, but it doesn't provide any
> way to control the ordering so in practice I think it was just a way to
> permit offloading compression alone.
Never makes sense to do compression after enc, so it's really what order
auth and enc should happen in..
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the freebsd-arch
mailing list