[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1499937.MpmApGzYrd@tauon.atsec.com>
Date: Wed, 28 Oct 2015 00:35:30 +0100
From: Stephan Mueller <smueller@...onox.de>
To: David Woodhouse <dwmw2@...radead.org>
Cc: Marcel Holtmann <marcel@...tmann.org>,
Herbert Xu <herbert@...dor.apana.org.au>,
linux-crypto@...r.kernel.org,
linux-kernel <linux-kernel@...r.kernel.org>,
linux-api@...r.kernel.org, David Howells <dhowells@...hat.com>
Subject: Re: [PATCH v2 0/5] crypto: add algif_akcipher user space API
Am Mittwoch, 28. Oktober 2015, 08:15:16 schrieb David Woodhouse:
Hi David,
>
>Absolutely. The interface needs to support *both*.
>
>I've spent a lot of time chasing through userspace stacks, fixing
>broken assumptions that we will *always* have the actual key material
>in a file — and making libraries and applications accept PKCS#11 URIs
>referring to keys in hardware as well as filenames.
>
>I am violently opposed to exposing an API from the kernel which makes
>that *same* fundamental mistake, and ties its users to using *only*
>software keys.
>
>FROM THE BEGINNING, users of this new API should be able to cope with
>the fact that they might not *have* the key material, and that they
>might simply be referring to a key which exists elsewhere. Such as in
>the TPM, or within an SGX software enclave.
Albeit that all sounds like the crown jewel, how do you propose that shall
happen?
Assume that you have a web server that has a pub and priv key in its current
configuration -- I guess that is the vast majority of configs.
Can you please elaborate how the process for such a web server shall really
work?
Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists