Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (secur

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (secur

From:	Daniel P. Berrange
Subject:	Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode
Date:	Wed, 2 May 2012 10:16:11 +0100
User-agent:	Mutt/1.5.21 (2010-09-15)

On Tue, May 01, 2012 at 06:26:05PM -0500, Anthony Liguori wrote:
> On 05/01/2012 04:20 PM, Paul Moore wrote:
> >FIPS 140-2 requires disabling certain ciphers, including DES, which is used
> >by VNC to obscure passwords when they are sent over the network.  The
> >solution for FIPS users is to disable the use of VNC password auth when the
> >host system is operating in FIPS mode.
> 
> Sorry, what?
> 
> Does FIPS really require software to detect when FIPS is enabled and
> actively disable features???  That's absurd.
> 
> Can you point to another software package that does something like this?

All the SSL libraries for a start (NSS, OpenSSL & GNUTLS).  If we were
using one of those for the VNC DES code we would be disabled.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Paul Moore, 2012/05/01
- Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Andreas Färber, 2012/05/01
  - Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Christoph Hellwig, 2012/05/02
    - Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Daniel P. Berrange, 2012/05/02
  - Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Paul Moore, 2012/05/02
- Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Anthony Liguori, 2012/05/01
  - Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode, George Wilson, 2012/05/02
    - Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Anthony Liguori, 2012/05/01
    - Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode, George Wilson, 2012/05/02
    - Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Daniel P. Berrange, 2012/05/02
  - Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Daniel P. Berrange <=
- Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Daniel P. Berrange, 2012/05/02
  - Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode, Paul Moore, 2012/05/02

Prev by Date: Re: [Qemu-devel] [RFC 2/5] block: add new command line parameter that and protocol description
Next by Date: Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode
Previous by thread: Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode
Next by thread: Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode
Index(es):
- Date
- Thread