[Spice-devel] [PATCH spice-gtk v2 2/4] uri: learn to parse spice+tls:// form
Christophe Fergeau
cfergeau at redhat.com
Mon Feb 19 12:30:32 UTC 2018
On Fri, Feb 16, 2018 at 10:30:18AM +0000, Daniel P. Berrangé wrote:
> On Fri, Feb 16, 2018 at 11:13:06AM +0100, marcandre.lureau at redhat.com wrote:
> > From: Marc-André Lureau <marcandre.lureau at redhat.com>
> >
> > spice:// has a weird scheme encoding, where it can accept both plain
> > and tls ports with URI query parameters. However, it's not very
> > convenient nor very common to use (who really want to mix plain & tls
> > channels?).
>
> Is it worth formally deprecating the mixing of plain & tls on a per
> channel basis in QEMU ? The idea that you can be secure, and yet
> still have some channels plain text is really dubious and promotes
> dangerous practice to users.
Yup, probably best to deprecate this, even though RHV was still setting
per-channel security last time I checked (but everything was set to
either secure or unsecure).
Christophe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.freedesktop.org/archives/spice-devel/attachments/20180219/fd858f79/attachment.sig>
More information about the Spice-devel
mailing list