Hi, On Thu, Oct 30, 2014 at 10:40:56AM +0000, Stefan Hajnoczi wrote: > On Sat, Oct 25, 2014 at 12:43:35PM +0200, Wouter Verhelst wrote: > > I haven't seen a reply to this anymore. Do people still have comments? > > I'm planning on doing a release of nbd later this weekend, and would > > like to include this (not the TLS implementation yet, but at least the > > spec) > > Hi Wouter, > From https://github.com/yoe/nbd/blob/tlsspec/doc/proto.txt: > > * NBD_OPT_STARTTLS (5) > > The client wishes to initiate TLS. XXX Data. > > Is there text missing for "XXX Data"? Ah, ehm, oops. Yes :-) That was meant to be a reminder that I hadn't given that any thought yet. The idea was that maybe we could use the "data" field in the STARTTLS message to send something to initiate the TLS communication. If the server rejects TLS, then that data is lost, but otherwise it might be useful. OTOH, it could be too complicated to implement. > Also, I suggest at least developing a prototype before releasing the > specification changes. Issues that were unknown ahead of time might be > discovered during development. Yeah, that's fair enough. > Why the rush to release specification changes? Not really a rush, I just thought it might be useful. But I suppose you're right. Note that I'm not likely to be implementing this "soon". I haven't got much time right now, and it would be my first time to implement something which uses TLS; so I would need to do some research in that area first. -- It is easy to love a country that is famous for chocolate and beer -- Barack Obama, speaking in Brussels, Belgium, 2014-03-26 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list