"Michael H. Warfield" wrote:
>
<snip>
>
> A few of the issues I see...
>
> What existing add-on packages do we want integrated into the kernel?
>
Loopback crypto and CIPE. Both stable (when used with working ciphers).
FreeS/WAN when they clean their things up.
> What form should a cryptographic service provider take?
>
You know there's a Ciper- and Digest-API distributed with the
international kernel patch?
> What algorithms do we need?
> DES, 3DES, Idea, BlowFish...
>
Renove DES! Add Serpent and the (five?) finalists of the AES
competition.
> Do we need public key algorithms?
>
I think that is application-specific and uncritical w.r.t speed and
therefore belongs to userspace.
> What are the initial cryptograhic service consumers?
> CIPE, IPSec, loopback crypto...
>
Crypted swap with hidden key generated on boot-up from /dev/random? IIRC
HPA was talking about such.
> Do we provide access from user level programs to kernel level
> algorithms?
>
Wouldn't the userspace-to-kernel-to-userspace transitions be too great a
penalty w.r.t speed? Maybe making the CryptoAPI a library would help.
> How to we coordinate with the different projects to get them
> to use the integrated crypto?
>
Let the implementations of ciphers for the CryptoAPI get a _lot_ of
peer-reviewing by crypto-professors and they'll run to use these
routines.
<snip>
> If there is sufficient interest and discussion, we may want to set
> up a separate mailing list just for common crypto issues and development.
> I would be willing to host such a list, but I want to be sure there is
> sufficient interest and agreement before going to that trouble. If the
> threads remain managable and well identified, we may keep it here on
> linux-kernel unless we get too many complaints.
>
<snip>
As it seems that a linux-crypto ml does not exist yet:
On Tue, 16 Nov 1999 Rik van Riel wrote:
>
> On Tue, 16 Nov 1999, Marc Mutz wrote:
>
> > As this is the official mailing list for discussion concerning the
> > kerneli patches (maybe there should be a linux-crypto ml, please
> > tell me if it exists):
>
> If it doesn't exist yet, you're welcome to host it at
> nl.linux.org...
>
<snip>
I had not the time to let this happen. Michael, maybe you can talk to
Rik, if you are interested in doing the hosting.
Marc
-- Marc Mutz <Marc@Mutz.com> http://marc.mutz.com/Encryption-HOWTO/ University of Bielefeld, Dep. of Mathematics / Dep. of PhysicsPGP-keyID's: 0xd46ce9ab (RSA), 0x7ae55b9e (DSS/DH)
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Feb 07 2000 - 21:00:13 EST