[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v2 4/4] char: introduce support for TLS encrypte
From: |
Daniel P. Berrange |
Subject: |
Re: [Qemu-devel] [PATCH v2 4/4] char: introduce support for TLS encrypted TCP chardev backend |
Date: |
Mon, 21 Dec 2015 16:11:37 +0000 |
User-agent: |
Mutt/1.5.24 (2015-08-30) |
On Mon, Dec 21, 2015 at 05:02:40PM +0100, Paolo Bonzini wrote:
>
>
> On 21/12/2015 16:42, Daniel P. Berrange wrote:
> > This integrates support for QIOChannelTLS object in the TCP
> > chardev backend. If the 'tls-creds=NAME' option is passed with
> > the '-chardev tcp' argument, then it will setup the chardev
> > such that the client is required to establish a TLS handshake
> > when connecting. There is no support for checking the client
> > certificate against ACLs in this initial patch. This is pending
> > work to QOM-ify the ACL object code.
>
> Are you also planning AF_UNIX support or does it make no sense?
I wasn't planning on it as I don't think it adds any real value.
AF_UNIX sockets are trivially secure since they're purely local.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|