From: Milan Broz <gmazyland@gmail.com>
To: Johanna A <johanna-a@mjao.org>, dm-crypt@saout.de
Subject: Re: [dm-crypt] PKCS#11 support in cryptsetup
Date: Sun, 15 May 2016 19:48:01 +0200 [thread overview]
Message-ID: <5738B651.8040105@gmail.com> (raw)
In-Reply-To: <CAAZ_WPaQUna6h1++qS_ArvcvXCi8raOaEZTLJOLoNQuou1x_aw@mail.gmail.com>
On 05/07/2016 09:03 AM, Johanna A wrote:
> In a comment to the last pull request I suggest adding pkcs#11 support
> in cryptsetup in a similar way as to how keyfiles are handled. In a
> way keyfiles and pkcs#11 data objects are quite similar. Both are
> accessiable via an URI (https://tools.ietf.org/html/rfc7512), both can
> be read depending on size or until EOF.
Hi,
in new version of LUKS we plan to add some kind of token
support (at least to store some metadata inside LUKS to identify what
token can open particular keyslots and that token will contain
data to open particular keyslot).
Anyway, PKCS#11 is one of example I would like to see to be tested
from the beginning.
What library it should use is another question.
It would be nice if you can create "feature request" issue on cryptsetup
gitlab page (https://gitlab.com/cryptsetup/cryptsetup/issues)
and link your code (and possibly previous discussion) there.
We will return to that later (in guess in 1-2 months, unfortunately...) and
I update the issue there once this happens.
Thanks,
Milan
prev parent reply other threads:[~2016-05-15 17:48 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-05-07 7:03 [dm-crypt] PKCS#11 support in cryptsetup Johanna A
2016-05-07 19:32 ` Michael Kjörling
2016-05-07 19:57 ` Johanna A
2016-05-15 17:48 ` Milan Broz [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5738B651.8040105@gmail.com \
--to=gmazyland@gmail.com \
--cc=dm-crypt@saout.de \
--cc=johanna-a@mjao.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox