From: James Page <james.page@ubuntu.com>
To: Dustin Kirkland <dustin.kirkland@gazzang.com>
Cc: Sage Weil <sage@inktank.com>, ceph-devel@vger.kernel.org
Subject: Re: on disk encryption
Date: Mon, 10 Dec 2012 09:17:08 +0000 [thread overview]
Message-ID: <50C5A894.8020507@ubuntu.com> (raw)
In-Reply-To: <CANT6BaObaeTF9giuTi-f=2gjW4BUVHyZxRSvETNhunqAta=6FA@mail.gmail.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 19/09/12 02:53, Dustin Kirkland wrote:
>>> Looking forward, another option might be to implement
>>> encryption inside btrfs (placeholder fields are there in the
>>> disk format, introduced along with the compression code way
>>> back when). This would let ceph-osd handle more of the key
>>> handling internally and do something like, say, only encrypt
>>> the current/ and snap_*/ subdirectories.
>>>
>>> Other ideas? Thoughts?
>>>
>>> sage
> I love the idea of btrfs supporting encryption natively much like
> it does compression. It may be some time before that happens, so
> in the meantime, I'd love to see Ceph support dm-crypt and/or
> eCryptfs beneath.
Has this discussion progressed into any sort of implementation yet?
It sounds like this is going to be a key feature for users who want
top-to-bottom encryption of data right down to the block level.
- --
James Page
Ubuntu Core Developer
Debian Maintainer
james.page@ubuntu.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCAAGBQJQxaiUAAoJEL/srsug59jDULUP/2pbVVNJC/Dt6S7A+uUGMGQJ
/jgFqu6SVHplTGs3cKqDYH22W9b34Gr/kcga9qj00lo844drRNRo/AVfdaA+j7Ge
gkqc4ZiwNgZSHmu+I9/4fDpSRJf19i2le1/qtIToAXsxZJyefM4clPrWblK24bRd
T7yWbVJBxjiYv7FziHZohDEJ/jz2OMk4THZYVkB+yuUPLbDnbFxqK17gRtKPuS/K
EeuFBw1kFgB0OKQ4LGy/GSOK1xM4NiGKpdV9beeSfu1L5f1ClW0Drl221gnhZ4qe
g6HXAdCK1xhDU2xUhrrPSp0iVFGjxjnvoQz7PikX6Hn5lhqjbAHVaoQ9dJpshAsY
86XDVFJJF2ca9FjzBGo+Cx7Ap0ahI4eK1NTiNc/zPEb8TgM9q1OtIlAb9A6pyC/E
l0WQ/0WzhbbnjeByXloLkTG2K0WkaJYovemc959VUrdpP5Di2vsEhhFsVFlFUlTC
i8xQaQZmoXXp8mhzNwdSLIcoUb9Y5MnghNO3mdz6WfM2KtyrTobi5lKZyFxZJfhA
oGt5It6AF/fRHi2Xu9yLyfVYrnf/oDJn1vjzJ0BkJLZ8rUANLVGYrpiKAECY1EF3
Nb2kXnhBVs1426TgvcAlchDUACPNUR2YVx9s12gHVTZURgrSr0+QMPHJL9uRJPxE
5T4wqmJNV2Caponla/fr
=wHrw
-----END PGP SIGNATURE-----
next prev parent reply other threads:[~2012-12-10 9:17 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-09-15 11:54 on disk encryption Sage Weil
2012-09-15 12:22 ` Mark Nelson
2012-09-19 1:53 ` Dustin Kirkland
2012-12-10 9:17 ` James Page [this message]
2012-12-10 15:53 ` Gregory Farnum
2013-01-22 21:28 ` James Page
[not found] ` <CAEgPQZDqUK+MJTX3Kbpdv3ai4=5rNCrGkxi=ioLt5OzC+zi4+Q@mail.gmail.com>
2013-01-23 0:02 ` Sage Weil
2013-01-23 0:04 ` Sage Weil
2013-01-31 23:42 ` Marcus Sorensen
2013-02-01 0:04 ` Mark Kampe
2013-02-01 0:16 ` Marcus Sorensen
2013-02-01 0:44 ` Sage Weil
2013-02-01 0:57 ` Neil Levine
2013-02-01 15:37 ` Christian Brunner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=50C5A894.8020507@ubuntu.com \
--to=james.page@ubuntu.com \
--cc=ceph-devel@vger.kernel.org \
--cc=dustin.kirkland@gazzang.com \
--cc=sage@inktank.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.