Comment 1 for bug 1185343

Regarding

>So, assuming we generate a random IV we should add either
>
>a) Have it provided as a parameter in the stream (so other side
>knows to decrypt it).
>
>b) Without stream, put it in one of xtrabackup metadata files to
>decrypt later.

This won't be required. The salt needs to be prepended (separated
by a delimiter) to the
encrypted stream/text (in case of text, in the beginning of the
file). This convention is used elsewhere as well - crypt(3),
openssh etc.