From: Landon F. <la...@bi...> - 2009-03-13 18:25:18
|
On Feb 16, 2009, at 11:15 AM, Steve Polyack wrote: > > Feature Request Form > > Item n: Storage Daemon based encryption > Origin: Steve Polyack <korvus at comcast dot net> > Date: 16 February 2009 > Status: new > > What: The ability to encrypt and decrypt data that moves between > the storage daemon and its storage devices. > > Why: Storage daemon based encryption could simplify the > encryption of data in an environment where the links between SDs and > FDs are local and trusted. > Job data could be protected as it is written to tape, DVD, > or other media which may be used for off-site storage. > > Notes: * Environments with many backup clients would not have to > maintain secure and safe storage of many keys > * This adds the ability to migrate existing tapes to an > encrypted format; read the plaintext tape to disk, write the data > back out encrypted to > another tape. As an addendum to the feature request, here are some crypto implementation details I wrote up regarding SD-encryption back in Jan 2008: http://www.mail-archive.com/bac...@li.../msg28860.html Cheers, Landon |