Re: [PATCH] implement in-kernel keys & keyring management

From: Alan Cox
Date: Mon Aug 09 2004 - 11:04:29 EST

Next message: Hubertus Franke: "Re: [Lse-tech] [PATCH] cpusets - big numa cpu and memory placement"
Previous message: Alan Cox: "Re: dynamic /dev security hole?"
In reply to: bert hubert: "Re: [PATCH] implement in-kernel keys & keyring management"
Next in thread: David Howells: "Re: [PATCH] implement in-kernel keys & keyring management"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Llu, 2004-08-09 at 05:27, Linus Torvalds wrote:
> But at least to me, the /sbin/request-key thing is more like loading a
> module. You might do it to mount a filesystem or read an encrypted volume,
> but you wouldn't do it in the "normal" workload. It's a major event.

The BSD networking PF_KEY does exactly this for IPsec sockets. Coupled
with a cache it seems to work rather well. In fact is there a reason for
not using PF_KEY - other than /sbin/hotplug being cleaner ?

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Hubertus Franke: "Re: [Lse-tech] [PATCH] cpusets - big numa cpu and memory placement"
Previous message: Alan Cox: "Re: dynamic /dev security hole?"
In reply to: bert hubert: "Re: [PATCH] implement in-kernel keys & keyring management"
Next in thread: David Howells: "Re: [PATCH] implement in-kernel keys & keyring management"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]