2012/9/28
<lst_hoe02 AT kwsoft DOT de>
- PKI Signature ensures that the client FD can verify on restore that
the data are actually saved by itself signed with the private key
Correct.
- PKI Encryption ensures that no one without any of the private keys
used at backup time can read the data
And Master Key if configured. :)
- The FileSet signature (md5/sha) is used to compare (at Bacula SD?)
if the data read are unaltered regarding the hash value stored in the
database
I think fileset signature is not used during restore. :) I can't find appropriate code in extract_data function. Maybe it is computed elsewhere.
With this in mind we will switch off PKI signatures to eventuelly
(re)gain some speed.
It's a good idea. Especially that pki signatures are computed after whole file restore, which could be slow.
best regards
--