Comment by rcxdude
I think the main reason ZFS's native encryption isn't recommended is that there's known bugs in its implementation, especially around key rotation and send/recv.
I think the main reason ZFS's native encryption isn't recommended is that there's known bugs in its implementation, especially around key rotation and send/recv.
I'm subscribed to this GitHub issue to follow the situation:
https://github.com/openzfs/zfs/issues/12014
It might not be the only issue related to ZFS native encryption but, at the very least, as long as this one isn't closed I'm assuming it's still not safe.
> I think the main reason ZFS's native encryption isn't recommended is that there's known bugs in its implementation, especially around key rotation and send/recv.
Is that still the case? I thought the send/recv bugs at least were squashed a couple years ago?