Re: [Bacula-users] file signatures PKI vs FileSet

Hello,

2012/9/28 <lst_hoe02 AT kwsoft DOT de>

- PKI Signature ensures that the client FD can verify on restore that
the data are actually saved by itself signed with the private key

Correct.

- PKI Encryption ensures that no one without any of the private keys
used at backup time can read the data

And Master Key if configured. :)

- The FileSet signature (md5/sha) is used to compare (at Bacula SD?)
if the data read are unaltered regarding the hash value stored in the
database

I think fileset signature is not used during restore. :) I can't find appropriate code in extract_data function. Maybe it is computed elsewhere.

With this in mind we will switch off PKI signatures to eventuelly
(re)gain some speed.

It's a good idea. Especially that pki signatures are computed after whole file restore, which could be slow.

best regards

--
Radosław Korzeniewski
radoslaw AT korzeniewski DOT net

------------------------------------------------------------------------------
Got visibility?
Most devs has no idea what their production app looks like.
Find out how fast your code is with AppDynamics Lite.
http://ad.doubleclick.net/clk;262219671;13503038;y?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html

_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users