Re: [Qemu-devel] spec, RFC: TLS support for NBD
From: Richard W.M. Jones
Subject: Re: [Qemu-devel] spec, RFC: TLS support for NBD
Date: Sat, 18 Oct 2014 07:33:22 +0100
User-agent: Mutt/1.5.20 (2009-12-10)
On Sat, Oct 18, 2014 at 12:03:23AM +0200, Wouter Verhelst wrote:
> Hi all,
>
> (added rjones from nbdkit fame -- hi there)
[I'm happy to implement whatever you come up with, but I've added
Florian Weimer to CC who is part of Red Hat's product security group]
> So I think the following would make sense to allow TLS in NBD.
>
> This would extend the newstyle negotiation by adding two options (i.e.,
> client requests), one server reply, and one server error as well as
> extend one existing reply, in the following manner:
>
> - The two new commands are NBD_OPT_PEEK_EXPORT and NBD_OPT_STARTTLS. The
> former would be used to verify if the server will do TLS for a given
> export:
>
> C: NBD_OPT_PEEK_EXPORT
> S: NBD_REP_SERVER, with an extra field after the export name
> containing flags that describe the export (R/O vs R/W state,
> whether TLS is allowed and/or required).
>
> If the server indicates that TLS is allowed, the client may now issue
> NBD_OPT_STARTTLS:
>
> C: NBD_OPT_STARTTLS
> S: NBD_REP_STARTTLS # or NBD_REP_ERR_POLICY, if unwilling
> C: <initiate TLS handshake>
>
> Once the TLS handshake has completed, negotiation should continue over
> the secure channel. The client should initiate that by sending an
> NBD_OPT_* message.
>
> - The server may reply to any and all negotiation requests with
> NBD_REP_ERR_TLS_REQD if it does not want to do anything without TLS.
> However, if at least one export is supported without encryption, the
> server must not in any case use this reply.
>
> There is no command to "exit" TLS again. I don't think that makes sense,
> but I could be persuaded otherwise with sound technical arguments.
>
> Thoughts?
>
> (full spec (with numbers etc) exists as an (uncommitted) diff to
> doc/proto.txt on my laptop, ...)
>
> --
> It is easy to love a country that is famous for chocolate and beer
>
> -- Barack Obama, speaking in Brussels, Belgium, 2014-03-26
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
Fedora Windows cross-compiler. Compile Windows programs, test, and
build Windows installers. Over 100 libraries supported.
http://fedoraproject.org/wiki/MinGW
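The option flow Wouter sketches above, as an added Python model of the server side; this is example code written for this page, not nbd-server, nbdkit or QEMU code. The option numbers, the flag bit layout, the NBD_REP_ERR_UNSUP reply for an unknown export, and refusing a TLS-required export over plaintext with NBD_REP_ERR_POLICY are all assumptions, since the draft quoted here gives no numbers.

```python
# Model of a server handling the proposed NBD_OPT_PEEK_EXPORT / NBD_OPT_STARTTLS
# negotiation. Wire values below are placeholders, not the real encoding.
from dataclasses import dataclass

NBD_OPT_EXPORT_NAME, NBD_OPT_PEEK_EXPORT, NBD_OPT_STARTTLS = 1, 100, 101   # placeholders
NBD_REP_SERVER, NBD_REP_STARTTLS = "NBD_REP_SERVER", "NBD_REP_STARTTLS"
NBD_REP_ERR_POLICY, NBD_REP_ERR_TLS_REQD = "NBD_REP_ERR_POLICY", "NBD_REP_ERR_TLS_REQD"
NBD_REP_ERR_UNSUP = "NBD_REP_ERR_UNSUP"      # assumed reply for an unknown export name

# Per-export flags carried in the extended NBD_REP_SERVER (bit layout assumed).
FLAG_READ_ONLY, FLAG_TLS_ALLOWED, FLAG_TLS_REQUIRED = 1, 2, 4

@dataclass
class Export:
    name: str
    read_only: bool = False
    tls: str = "none"            # "none", "allowed" or "required"

    def flags(self) -> int:
        f = FLAG_READ_ONLY if self.read_only else 0
        if self.tls in ("allowed", "required"):
            f |= FLAG_TLS_ALLOWED
        if self.tls == "required":
            f |= FLAG_TLS_REQUIRED
        return f

@dataclass
class Session:
    exports: dict                # export name -> Export
    tls_active: bool = False     # set once the TLS handshake has completed

    def handle_option(self, opt: int, name: str = ""):
        """Return the server's reply to one client option request."""
        # NBD_REP_ERR_TLS_REQD is only permitted when no export at all is offered
        # without encryption; NBD_OPT_STARTTLS must still get through so the client
        # can upgrade (which other options to exempt is left to the server).
        if (not self.tls_active and opt != NBD_OPT_STARTTLS
                and all(e.tls == "required" for e in self.exports.values())):
            return NBD_REP_ERR_TLS_REQD
        if opt == NBD_OPT_PEEK_EXPORT:
            e = self.exports.get(name)
            return (NBD_REP_SERVER, name, e.flags()) if e else NBD_REP_ERR_UNSUP
        if opt == NBD_OPT_STARTTLS:
            if self.tls_active or not any(e.tls != "none" for e in self.exports.values()):
                return NBD_REP_ERR_POLICY      # unwilling, or already inside TLS
            self.tls_active = True             # stands in for a completed handshake
            return NBD_REP_STARTTLS
        if opt == NBD_OPT_EXPORT_NAME:
            e = self.exports.get(name)
            if e is None:
                return NBD_REP_ERR_UNSUP
            if e.tls == "required" and not self.tls_active:
                return NBD_REP_ERR_POLICY      # assumed per-export TLS enforcement
            return ("EXPORT_OK", e.name, e.read_only)   # stands in for the export reply
        return NBD_REP_ERR_UNSUP
```

Because NBD_OPT_PEEK_EXPORT is answered before the handshake, a client that wants encryption should require it from its own configuration rather than from the flags it is shown in plaintext.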