SSC Data encryption

Gideon Avida gideon at decru.com
Fri Jun 16 13:09:04 PDT 2006 

* From the T10 Reflector (t10 at t10.org), posted by:
* "Gideon Avida" <gideon at decru.com>
*
Here's what I wrote in 06-207:
KEY INSTANCE COUNTER is the same KEY INSTANCE COUNTER from the Data
Encryption Status page (see 8.5.2.7). If the KEY INSTANCE COUNTER does not
match, the device server shall terminate the command with CHECK CONDITION
status,
with the sense key set to DATA PROTECT, and the additional sense code set to
DATA
ENCRYPTION KEY INSTANCE COUNTER HAS CHANGED. If encryption is not
enabled, the device server shall terminate the command with CHECK CONDITION
status, with the sense key set to DATA PROTECT, and the additional sense
code set to
DATA ENCRYPTION NOT ENABLED.
Please let me know if you have suggestions for improvement.
Since this command is optional, legacy drives and drives that don't encrypt
will probably not support it.
I am also toying with the idea of adding a bit to Set Data Encryption page
(now in SSC-3) to indicate that using Write Encrypted is required. Another
option is that using "legacy" write will write in the clear (making it
easier for the application to switch from encrypted to unencrypted). This
could be useful for writing application metadata that should be in the
clear.
Thanks,
Gideon
-----Original Message-----
From: owner-t10 at t10.org [mailto:owner-t10 at t10.org] On Behalf Of Hugh Curley
Sent: Friday, June 16, 2006 12:29 PM
To: t10 at t10.org
Subject: SSC Data encryption
* From the T10 Reflector (t10 at t10.org), posted by:
* Hugh Curley <hcurley at indra.com>
*
Is the purpose of the Write Encrypted command proposal to: 1) writes to 
a drive in encryption mode with a legacy write command will fail, and 2) 
writes to a drive not in encryption mode with the Write Encrypted(16) 
command will fail?
I cannot find this defined in either 06-207 nor 06-172.
Hugh Curley
*
* For T10 Reflector information, send a message with
* 'info t10' (no quotes) in the message body to majordomo at t10.org
*
* For T10 Reflector information, send a message with
* 'info t10' (no quotes) in the message body to majordomo at t10.org

More information about the T10 mailing list