On Wed, 2015-10-28 at 02:18 +0100, Stephan Mueller wrote: > > But having a tie between both, the kernel crypto API and the key system, that > cannot be cut any more is something I am not sure about. Both should and would > work in isolation of each other as both serve different needs. Sure, let people load keys directly without having to instantiate keys and then reference them. My point is that only an API which permits *both* models is acceptable. Otherwise, people build bogus assumptions all the way up the stack. Having both ALG_SET_KEY and ALG_SET_KEY_ID in parallel seems ideal. -- dwmw2
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
