[Spice-devel] [PATCH spice-protocol] Add Spice URI Scheme document

Marc-André Lureau marcandre.lureau at gmail.com
Tue Jan 8 20:21:59 UTC 2019 

Hi

On Tue, Jan 8, 2019 at 5:52 PM Christophe Fergeau <cfergeau at redhat.com> wrote:
>
> On Tue, Jan 08, 2019 at 04:40:47PM +0400, Marc-André Lureau wrote:
> > Hi
> >
> > On Tue, Jan 8, 2019 at 4:24 PM Christophe Fergeau <cfergeau at redhat.com> wrote:
> > >
> > > On Wed, Dec 19, 2018 at 06:33:59PM +0400, marcandre.lureau at redhat.com wrote:
> > > > +URI Parameters
> > > > +--------------
> > > > +
> > > > +A description of host information and URI parameters is provided in
> > > > +this section.  Information on the constraints of various data types is
> > > > +provided in Section "Data Types".  All parameters are considered optional;
> > > > +however, a client will not be able to connect without sufficient
> > > > +information.
> > > > +
> > > > +A parameter without a specified default value indicates that no
> > > > +default value is implied by this URI scheme; however, Spice clients
> > > > +can apply implementation-dependent default behaviors otherwise
> > > > +consistent with this document.
> > > > +
> > > > +The <userinfo> value is deprecated and processed only in an
> > > > +implementation-specific manner.  The <userinfo> component MUST NOT be
> > > > +generated in an environment where a client supporting an updated URI
> > > > +format is expected to be available.
> > >
> > > I don't think we should deprecate userinfo now, this is coming from the
> >
> > Rationale? in spice-gtk there is a warning if you make use of it:
> >              g_warning("password may be visible in process listings");
>
> 'userinfo' is username + password, I don't think we want to forbid
> usernames in the URI, nor to deprecated that. Also, my understanding
> from the VNC URI spec is that it's deprecated because there are
> VncUsername/VncPassword replacements. In our case we don't have these.
>
> Regarding that warning that you mention, this is for a very specific use
> case, passing a URI on the command line. This document is more generic
> than that, the URI with the password could be entered in a gtk text
> entry, with some smartness to replace the password characters with * or
> things like that, so typing the password as part of the URI is not
> always terribly insecure.

Got it, thanks. I'll update the spec.


-- 
Marc-André Lureau

More information about the Spice-devel mailing list