*Zdenek Kaspar* wrote: > IMO it's not good to hide any changes in crypto from the user.
I agree with you. > Even doubling the key without further notice. Maybe some > hint/help/screen option to explain XTS-based mode. At least in meantime (and before of lenny release) why don't offer only few and safe predefined options? > I don't see any advantages here. XTS is claimed as more secure.. > But still both modes have kernel status = EXPERIMENTAL. Therefore CBC > should stay as "less-secure/more-stable" default option for the system > encryption. Also in 2.6.26 (and .27)? -- Alberto
