Re: [PATCH 14/19] conf: Add new secret type "key"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 06/21/2016 08:08 AM, Peter Krempa wrote:
> On Mon, Jun 13, 2016 at 20:27:53 -0400, John Ferlan wrote:
>> Add a new secret type known as "key" - it will handle adding the secret
>> objects that need a key (or passphrase), such as will soon be the case
> 
> This may be misleading a "key" is not equal to a "passprhase" in usual
> encryption terminology. Key usually refers to the actual encryption key
> used to encrypt the data whereas passprhase is usually a human readable
> secret string (which may not be random at all) used to access the key
> later.
> 
> The cryptsetup man page tends to treat them interchangably to some
> extent (eg a key slot equals to passprhase, but the master key refers to
> the actual encryption key used for the data).
> 
> To avoid confusion I'd rather stick with "passphrase".
> 

That was my other choice... 'key' was just shorter and easier to type.

I'll make that adjustment, so it'll be:

<secret ephemeral='no' private='no'>
  <uuid>f52a81b2-424e-490c-823d-6bd4235bc572</uuid>
  <description>Sample Passphrase Secret</description>
  <usage type='passphrase'>
    <passphrase>mumblyfratz</passphrase>
  </usage>
</secret>


John
>> for a luks volume for both storage driver create and libvirt domain usage.
>>
>> Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx>
>> ---

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]