On Mon, 2014-04-14 at 15:07 +0200, Jaroslav Reznik wrote: > = Proposed Self Contained Change: Remote Journal Logging = > The communication between the two daemons is done over standard HTTPS, > following rather simple rules, so it is possible to create alternate > implementations without much work. For example, curl can be easily used to > upload journal entries from a text file containing entries in the export > format. Basically, the data are sent in an HTTP POST to /upload with Content- > Type: application/vnd.fdo.journal. When doing "live" forwarding, the size of > the transfer cannot be known in advance, so Transfer-Encoding: chunked is > used. All communication is encrypted, and the identity of both sides is > verified by checking for appropriate signatures on the certificates. HTTP seem like a bad idea in terms of security, certificates are notoriously very hard to manage, even with the help of things like certmonger, and hard to properly validate in most libraries today. Let alone dealing with setting up a CA just for enabling remote logging (or otherwise painfully exchange fingerprints and white list certificates for each client-server pair. And please do not tell me this is deferred to the admin to figure out, because then it would mean this feature cannot seriously be used in normal setups. Is there any reason why a better custom protocol that can be secured using things like SASL or GSSAPI is not used ? Has it been considered ? What are the pros of using HTTP if all you are doing are POSTS to a hardcoded URL ? Simo. -- Simo Sorce * Red Hat, Inc * New York -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
