From owner-freebsd-geom@FreeBSD.ORG Sun Jun 16 14:47:27 2013 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 4240D50E for ; Sun, 16 Jun 2013 14:47:27 +0000 (UTC) (envelope-from a@carniajeu.com) Received: from mail-qe0-f47.google.com (mail-qe0-f47.google.com [209.85.128.47]) by mx1.freebsd.org (Postfix) with ESMTP id 086081B27 for ; Sun, 16 Jun 2013 14:47:26 +0000 (UTC) Received: by mail-qe0-f47.google.com with SMTP id 1so1192781qec.6 for ; Sun, 16 Jun 2013 07:47:20 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:sender:x-originating-ip:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:cc:content-type :x-gm-message-state; bh=WRIFD/g62Jde3YCleSYCVAD8Pl4OmXcD5RT6vAZlZYM=; b=WE4k3WZPBPeab0yURMYQ0SXW/It97OABnlVFMGXS2oYj2XjDqIXkWc5uAVjPDIZfQ0 Yu8Ee923by0RwhOP+OPm9QsHvovd5PRBeC6cSPQa9ZKO/EaIU81dnbZ/USd0mTOoFEKs FwgGhQGMj/+0/h1SAhxgdUYc5rKz9H21GSUXJ2vv8sWEiX3NRkRwjfKvpCYcFLji0X53 YnzPUQ7bjDD7b9ed6ApUM+wdWbNbXxy+6ZtmXYN6F/rL2cnK33IPigjEBdg+L8WyCke/ N/rDPJo/KQeuUjDjt3Z0Of6akm3hZkEnM/GkEXMM+kaMFVz315cAAKwMnGiIQKNim+di uGBw== MIME-Version: 1.0 X-Received: by 10.224.179.77 with SMTP id bp13mr12221033qab.34.1371394039983; Sun, 16 Jun 2013 07:47:19 -0700 (PDT) Sender: a@carniajeu.com Received: by 10.49.84.72 with HTTP; Sun, 16 Jun 2013 07:47:19 -0700 (PDT) X-Originating-IP: [46.53.195.87] In-Reply-To: References: <51B31D42.2010801@gmail.com> <20130609182457.GB2468@garage.freebsd.pl> Date: Sun, 16 Jun 2013 17:47:19 +0300 X-Google-Sender-Auth: X3Yy4DrtRkGqAjQcLfOPp-HB9wc Message-ID: Subject: Re: geli external header (metadata) From: Alaksiej Cc: freebsd-geom Content-Type: text/plain; charset=ISO-8859-1 X-Gm-Message-State: ALoCoQkHVjv1EbCeaRtB8rSJkVVEMMuWOr56vOlh9Y5h7tY054SkolTtCtQRjk0u7yHb1lM65c5h X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Jun 2013 14:47:27 -0000 >I can't speak for Mr Romero, but I imagine what he's after is plausible >deniability. The GELI metadata on a volume unambiguously declares it to >be encrypted data. Agree. And I think this feature is in demand, taking into account growing number of jurisdictions, where a person could be legally obliged to surrender keys/passwords. On Sun, Jun 9, 2013 at 10:51 PM, Greg Rivers wrote: > On Sun, 9 Jun 2013, Pawel Jakub Dawidek wrote: > >> On Sat, Jun 08, 2013 at 03:02:10PM +0300, Andrew Romero wrote: >> > Hi all >> > I made a patch to support of external header (metadata) on GEOM ELI >> > (geli) >> > > System: FreeBSD 9-STABLE r250964 i386 >> > > geli patch - http://pastebin.com/UGpnMN19 >> > regresion patch - http://pastebin.com/hJVkTpJZ >> >> I don't mean to discourage you, but every additional complexity comes at >> risk and it case of GELI this is security risk. What is missing in your work >> is explanation how it that useful for the users? How do you use it? First I >> need to understand and be convinced that this functionality is generally >> useful and thus is worth additional complexity and risk. >> > > I can't speak for Mr Romero, but I imagine what he's after is plausible > deniability. The GELI metadata on a volume unambiguously declares it to be > encrypted data. > > Properly implemented, I think this could be a worthwhile enhancement for > certain applications or circumstances where one may not wish to invite > further scrutiny. > > -- > Greg Rivers > > _______________________________________________ > freebsd-geom@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-geom > To unsubscribe, send any mail to "freebsd-geom-unsubscribe@freebsd.org"