On Mon, Jun 18, 2007 at 18:05:35 -0400,
  Jeremy Katz <katzj@xxxxxxxxxx> wrote:
>
> If the idea is to actually _support_ full disk encryption in Fedora,
> then it has to be everywhere. In the installer. On upgrades (at least
> for the Fedora n+1 release :-). In the documentation. Otherwise, we're
> doing ourselves a great disservice by talking out of one side of our
> mouth saying it's supported but on the other claiming "well, maybe not
> so much".
>

What that means is there should be a plausible path to all of this so people aren't working what is sure to be a blind alley. But if you expect the whole shebang to be done at once, that is a recipe for a project that never gets done.

> If it takes less than a second, then that means the measures to slow
> down password guessing are pretty bad ;-) You want an exponential
> backoff that gets pretty slow pretty fast or it becomes way too easy to
> brute force. And even for initial boots, another of the goals for
> Fedora 8 is actually making things faster. Why would we make two
> features work directly against each other?

You can't do exponential back off in this context. The protection measures are against someone that has your disk. The typical way to do this is to rehash the password many times so that the CPU calculations take a significant amount of time for each guess. You aren't relying on an application delaying its response.

One password per second isn't really all that bad; at that rate you only need about 25 bits of entropy in your password to protect you for a year.
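
The arithmetic behind the reply above, as an added example that is not part of the original message: PBKDF2-HMAC-SHA256 stands in for "rehash the password many times", and the function names, the probe size and the `parallel_guessers` parameter are assumptions made for illustration.

```python
import hashlib
import math
import os
import time

SECONDS_PER_YEAR = 365 * 24 * 3600

def stretch(password: bytes, salt: bytes, iterations: int) -> bytes:
    """Derive a 32-byte key; the cost is in the computation itself, so
    someone holding the disk pays it for every guess as well."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen=32)

def calibrate(target_seconds: float, probe_iterations: int = 20_000) -> int:
    """Pick an iteration count so one derivation costs ~target_seconds here."""
    salt = os.urandom(16)
    start = time.perf_counter()
    stretch(b"calibration", salt, probe_iterations)
    elapsed = max(time.perf_counter() - start, 1e-9)
    return max(1, int(probe_iterations * target_seconds / elapsed))

def seconds_to_exhaust(entropy_bits: float, seconds_per_guess: float,
                       parallel_guessers: int = 1) -> float:
    """Time to try every password in a space of 2**entropy_bits."""
    return (2 ** entropy_bits) * seconds_per_guess / parallel_guessers

def bits_needed(protect_seconds: float, seconds_per_guess: float,
                parallel_guessers: int = 1) -> float:
    """Entropy required so exhausting the space takes protect_seconds.
    parallel_guessers models an attacker with more hardware (assumption)."""
    return math.log2(protect_seconds * parallel_guessers / seconds_per_guess)

if __name__ == "__main__":
    iterations = calibrate(1.0)          # aim for one second per guess
    salt = os.urandom(16)
    start = time.perf_counter()
    stretch(b"constructed sample passphrase", salt, iterations)
    print(f"{iterations} iterations took {time.perf_counter() - start:.2f}s")
    days = seconds_to_exhaust(25, 1.0) / 86400
    print(f"25 bits at 1 guess/s: {days:.0f} days to exhaust")
    print(f"bits for one year at 1 guess/s: {bits_needed(SECONDS_PER_YEAR, 1.0):.2f}")
    print(f"same, against 1024 parallel guessers: "
          f"{bits_needed(SECONDS_PER_YEAR, 1.0, 1024):.2f}")
```

The calibrated count is specific to the machine that ran it; faster or parallel hardware shortens the per-guess time, which is what the last line of output accounts for.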