Re: unbound keys

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Arno,

and sorry for late reply (see below):

On 3/31/20 11:21 AM, Arno Wagner wrote:
On Tue, Mar 31, 2020 at 10:49:41 CEST, Ondrej Kozina wrote:
Hi,

On 3/30/20 10:17 PM, JT Morée wrote:
After reading the luks2 FAQ, spec and archives I don't understand what an unbound key is used for.

That's our never ending struggle to improve documentation and blog posts
coverage. Hope things get calmer after 2.4.0 release so that we can focus on
this effort.

There is also the thing that the FAQ is LUKS1, not LUKS2.
As LUKS1 is still widely in use, it would not be a good
idea to take it down, buit ther is potential for confusion.
I have made it even clearer now in the Wiki that it is not
the LUKS2 FAQ. That does not exist at the moment.

I expect that at some time it will be a good idea to make
it dual-version with a marker of "LUKS", "LUKS2" or "LUKS+LUKS2"
for each entry, but I think LUKS2 is still too fluid for that
at the moment.

Will existing features be stable after 2.4.0 or do you plan
additional changes?

I'd say LUKS2 on-disk format itself is stable at least since 2.1.0 release. 2.2.0 and later we're adding new features but it doesn't mean we can't document existing features (new pbkdf, per keyslot parameters, unbound keyslots, metadata auto-recovery capabilities, up-conversion to LUKS2, etc.).

LUKS2 metadata is more flexible due to json (text) format so I guess new features will keep comming (one of main reasons we decided to switch to LUKS2 in first place) but it should always be 'extension' and not an incompatible change.

Regards O.

_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
https://www.saout.de/mailman/listinfo/dm-crypt




[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux