On Wed, 2015-10-28 at 02:18 +0100, Stephan Mueller wrote:
> But having a tie between both, the kernel crypto API and the key system, that 
> cannot be cut any more is something I am not sure about. Both should and 
> would 
> work in isolation of each other as both serve different needs.

Sure, let people load keys directly without having to instantiate keys
and then reference them. My point is that only an API which permits
*both* models is acceptable. Otherwise, people build bogus assumptions
all the way up the stack.

Having both ALG_SET_KEY and ALG_SET_KEY_ID in parallel seems ideal.


Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply via email to