On Mon, 2007-08-20 at 10:56 +0800, Zhu Yi wrote: > On Fri, 2007-08-17 at 13:26 +0200, Johannes Berg wrote: > > I was recently reviewing encryption stuff---can you comment on why you > > don't allow disabling hardware keys? For proper operation you really > > should allow that. > > I don't think there is any special reason, just haven't enabled it yet. > We enable the hwcrypto and find it works good, then we switched to > enable something else. For the end users, I think they'd always want to > use hwcrypto if it is supported by the hardware. For developers, I'd > agree it is useful. I'll add it to the TODO list. I guess the relevant thing is that if an association is lost then the key shouldn't be retained in the hardware because it should no longer be used, yet you don't allow to disable that key. johannes
Attachment:
signature.asc
Description: This is a digitally signed message part
