Comment 17 for bug 1857398

This is a very interesting idea, but care should be applied when combined with cloud (disk) images. In particular, I worry that if an encrypted disk image is distributed that the well-known passphrase could be used to get the master key from any pristine copy of the disk image. In effect, the master key becomes an open secret. Thus, any instance derived from this disk image would be fairly easy to read regardless of knowledge of the wrapping key.