Daniel Veillard wrote: > On Tue, Mar 03, 2009 at 09:13:14AM +0100, Chris Lalancette wrote: >> All, >> While doing testing on TLS, I came across the mention of >> "tls_allowed_ip_list" in the website documentation, here: >> >> http://libvirt.org/remote.html#Remote_libvirtd_configuration >> >> However, I don't see any implementation of the tls_allowed_ip_list in libvirt >> itself; a grep through the sources show that we are implementing >> "tls_allowed_dn_list", but not "tls_allowed_ip_list". Am I missing something in >> the sources? Should we update the libvirt.org documentation and remove that >> (seemingly non-existent) parameter? Or should I go in and implement the >> "tls_allowed_ip_list"? > > Hum, I don't remember the history, I guess the simplest is to make a > small change to the doc along the line "(not implemented yet)" and > work on a patch. Unless we really think dn certificate checks are really > superior and ip check is not needed (I have no opinion !) Right, that was my thought too; perhaps DN checks are enough. I guess we should let DanB weigh in, since it's basically a documentation issue at the moment. -- Chris Lalancette -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list