On Fri, Feb 16, 2018 at 10:30:18AM +0000, Daniel P. Berrangé wrote: > On Fri, Feb 16, 2018 at 11:13:06AM +0100, marcandre.lureau@xxxxxxxxxx wrote: > > From: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> > > > > spice:// has a weird scheme encoding, where it can accept both plain > > and tls ports with URI query parameters. However, it's not very > > convenient nor very common to use (who really want to mix plain & tls > > channels?). > > Is it worth formally deprecating the mixing of plain & tls on a per > channel basis in QEMU ? The idea that you can be secure, and yet > still have some channels plain text is really dubious and promotes > dangerous practice to users. Yup, probably best to deprecate this, even though RHV was still setting per-channel security last time I checked (but everything was set to either secure or unsecure). Christophe
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/spice-devel