[gpfsug-discuss] GPFS, LTFS/EE and data-in-inode?

Stephen Ulmer ulmer at ulmer.org
Tue Jul 25 06:33:13 BST 2017


> On Jul 24, 2017, at 10:57 AM, Jonathan Buzzard <jonathan at buzzard.me.uk <mailto:jonathan at buzzard.me.uk>> wrote:
> 
> On Mon, 2017-07-24 at 14:45 +0000, James Davis wrote:
>> Hey all,
>> 
>> On the documentation of encryption restrictions and encryption/HAWC
>> interplay...
>> 
>> The encryption documentation currently states:
>> 
>> "Secure storage uses encryption to make data unreadable to anyone who
>> does not possess the necessary encryption keys...Only data, not
>> metadata, is encrypted."
>> 
>> The HAWC restrictions include:
>> 
>> "Encrypted data is never stored in the recovery log..."
>> 
>> If this is unclear, I'm open to suggestions for improvements.
>> 
> 
> Just because *DATA* is stored in the metadata does not make it magically
> metadata. It's still data so you could quite reasonably conclude that it
> is encrypted.
> 

[…]

> JAB.

+1.

Also, "Encrypted data is never stored in the recovery log…" does not make it clear whether:
The data that is supposed to be encrypted is not written to the recovery log.
The data that is supposed to be encrypted is written to the recovery log, but is not encrypted there.

Thanks,

-- 
Stephen




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20170725/92184b8f/attachment-0002.htm>


More information about the gpfsug-discuss mailing list