[dm-crypt] The future of disk encryption with LUKS2

Arno Wagner arno at wagner.name
Wed Feb 10 17:22:00 CET 2016


On Wed, Feb 10, 2016 at 16:39:03 CET, Milan Broz wrote:
> 
> On 02/10/2016 04:09 PM, Sven Eschenberg wrote:
[...]
> > So either the layering order is fixed and determined, or you actually 
> > will need intra-layer relationships for proper operation. As an 
> > alternative, leave it to the user's knowledge and handling. But then we 
> > don't need partition tables, LUKS-headers or anything else either, 
> > afterall you can tell each layer the geometry and parameters manually 
> > and use dmsetup for all your tasks.
> 
> It is not just black and white.
> (Could we avoid these logical fallacies here please?)
> 
> Milan

I very much agree. Reality is that sometimes exceptions need to
be made and sometimes you need to deviate from "clean" design
to get good design. The trick is to keep the right balance
and to keep the overall goal firmly in mind and keep the exceptions
and added features down to those really needed, otherwise the 
increased complexity kills you (see also "The second system 
effect" by Brooks). 

Systems were everything is designed "correctly" and "clean" have
a tendency to a) never get finished and b) not work very well.
Reality requires compromises. The trick is to make it good 
compromises.

Regards,
Arno

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier


More information about the dm-crypt mailing list