Re: [Bacula-users] file signatures PKI vs FileSet
2012-09-28 07:31:28
Zitat von Radosław Korzeniewski <radoslaw AT korzeniewski DOT net>:
> Hello,
>
> 2012/9/28 <lst_hoe02 AT kwsoft DOT de>
>>
>> - PKI Signature ensures that the client FD can verify on restore that
>> the data are actually saved by itself signed with the private key
>>
>
> Correct.
>
>
>> - PKI Encryption ensures that no one without any of the private keys
>> used at backup time can read the data
>>
>
> And Master Key if configured. :)
>
>
>> - The FileSet signature (md5/sha) is used to compare (at Bacula SD?)
>> if the data read are unaltered regarding the hash value stored in the
>> database
>>
>
> I think fileset signature is not used during restore. :) I can't
> find appropriate code in extract_data function. Maybe it is computed
> elsewhere.
As far as i know the fielset signature is used for verify jobs, so it
would be the Storage Daemon using it and not the File Daemon, no?
>>
>> With this in mind we will switch off PKI signatures to eventuelly
>> (re)gain some speed.
>>
>>
> It's a good idea. Especially that pki signatures are computed after whole
> file restore, which could be slow.
Thanks for confirming
Andreas
------------------------------------------------------------------------------
Got visibility?
Most devs has no idea what their production app looks like.
Find out how fast your code is with AppDynamics Lite.
http://ad.doubleclick.net/clk;262219671;13503038;y?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|
|
|