Nicolas Williams wrote: > Since compression is a one-time task for a read-only lofi file, then so > should encryption be a one-time task to be done along with (after) > compression:
but that isn't how lofi encryption is designed to work, and making it work like that completely defeat the whole purpose of why do are doing encryption in lofi. It also creates a window where the data is stored on disk in the clear - which is exactly what we don't want. It would also mean we couldn't use lofi with encryption to swap on (which we need until we get a proper encrypting VM system). -- Darren J Moffat
