On Fri, Mar 09, 2012 at 07:59:58AM -0500, Hal Rosenstock wrote: > What mkey model is being proposed here ? It looks to me like it is a > single mkey for all ports in the subnet which is the simplest but least > flexible model. If so, I think we need something more flexible as IBA > allows each port to have it's own different mkey.
I would like to see some general agreement on a generator for mkey, something like: MKey = HMAC(Subnet_KEY,PortGUID) This blinds the mkey incase a port is compromised but still lets privileged entities compute it from a single key. -- Jason Gunthorpe <jguntho...@obsidianresearch.com> (780)4406067x832 Chief Technology Officer, Obsidian Research Corp Edmonton, Canada -- To unsubscribe from this list: send the line "unsubscribe linux-rdma" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
