From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:59173)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <armbru@redhat.com>) id 1fSmNp-0000Pz-3i
	for qemu-devel@nongnu.org; Tue, 12 Jun 2018 12:43:02 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <armbru@redhat.com>) id 1fSmNo-0004fS-AS
	for qemu-devel@nongnu.org; Tue, 12 Jun 2018 12:43:01 -0400
From: Markus Armbruster <armbru@redhat.com>
References: <20180612125821.4229-1-armbru@redhat.com>
	<20180612125821.4229-19-armbru@redhat.com>
	<20180612132041.GH24690@redhat.com>
Date: Tue, 12 Jun 2018 18:42:56 +0200
In-Reply-To: <20180612132041.GH24690@redhat.com> ("Daniel P. =?utf-8?Q?Ber?=
	=?utf-8?Q?rang=C3=A9=22's?=
	message of "Tue, 12 Jun 2018 14:20:41 +0100")
Message-ID: <87fu1snegf.fsf@dusky.pond.sub.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] [PATCH 18/18] rbd: New parameter key-secret
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: "Daniel P. =?utf-8?Q?Berrang=C3=A9?=" <berrange@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>, kwolf@redhat.com, jcody@redhat.com, qemu-devel@nongnu.org, qemu-block@nongnu.org, mreitz@redhat.com

Daniel P. Berrang=C3=A9 <berrange@redhat.com> writes:

> On Tue, Jun 12, 2018 at 02:58:21PM +0200, Markus Armbruster wrote:
>> Legacy -drive supports "password-secret" parameter that isn't
>> available with -blockdev / blockdev-add.  That's because we backed out
>> our first try to provide it there due to interface design doubts, in
>> commit 577d8c9a811, v2.9.0.
>>=20
>> This is the second try.  It brings back the parameter, except it's
>> named "key-secret" now.
>>=20
>> Let's review our reasons for backing out the first try, as stated in
>> the commit message:
>>=20
>>     * BlockdevOptionsRbd member @password-secret isn't actually a
>>       password, it's a key generated by Ceph.
>
> I thought about that when I first added password-secret, but felt
> that it is still effectively acting as a password to authenticate
> to the server, and calling it password-secret made it clearer that
> it was related to the authentication phase, and not for example,
> disk encryption.

I feel it's best to stick to the names Ceph uses, and Ceph calls it
"key".

[...]