On Monday, December 10, 2012 at 1:17 AM, James Page wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 19/09/12 02:53, Dustin Kirkland wrote: > > > > Looking forward, another option might be to implement > > > > encryption inside btrfs (placeholder fields are there in the > > > > disk format, introduced along with the compression code way > > > > back when). This would let ceph-osd handle more of the key > > > > handling internally and do something like, say, only encrypt > > > > the current/ and snap_*/ subdirectories. > > > > > > > > Other ideas? Thoughts? > > > > > > > > sage > > I love the idea of btrfs supporting encryption natively much like > > it does compression. It may be some time before that happens, so > > in the meantime, I'd love to see Ceph support dm-crypt and/or > > eCryptfs beneath. > > > > Has this discussion progressed into any sort of implementation yet? > It sounds like this is going to be a key feature for users who want > top-to-bottom encryption of data right down to the block level. Peter is working on this now — I'll let him discuss the details. :) -Greg -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
