From: Anthony Liguori <aliguori@us.ibm.com>
To: Ian Pratt <m+Ian.Pratt@cl.cam.ac.uk>
Cc: xen-devel <xen-devel@lists.xensource.com>,
Ewan Mellor <ewan@xensource.com>
Subject: Re: [RFC][PATCH] Secure XML-RPC for Xend
Date: Fri, 09 Jun 2006 07:10:23 -0500
Message-ID: <4489652F.7040702@us.ibm.com>
In-Reply-To: <A95E2296287EAD4EB592B5DEEFCE0E9D4BAA21@liverpoolst.ad.cl.cam.ac.uk>
Ian Pratt wrote:
>> The following patch implements a secure XML-RPC protocol for Xend.
>> Instead of using HTTPS with basic authentication and dealing with all
>> that nasty OpenSSL/PAM integration, it just uses SSH. This gives you
>> all the properties you want (great security and PAM integration) with
>> very little code.
>>
>
> I think we just have to bite the bullet on this one. OpenSSL/PAM
> integration isn't that hard, and it makes things much cleaner from a
> client point of view, which is what really matters.
>
It's tempting to use https/basic auth since it seems like it ought to
just work with existing clients. However, that doesn't appear to be the
case.

Python doesn't seem to provide any real support for authentication
out-of-the-box. It wouldn't be that hard to add but neither was an SSH
transport.

The other problem is that Python doesn't provide support for certificate
verification. That's okay if you're just using Python to screen scrape
but if you're in an enterprise environment it's not a very good thing.

The other problem I'm concerned about is certificate management on our
end. The average user is going to have to end up using snake oil certs and
I've always found configuring these things to be a real pain.

Another advantage to the SSH approach is that it makes firewall rules
easier to manage. There's no additional open port. This is a minor
benefit of course but I thought I'd mention it anyway :-)

Writing a client from scratch, I've found supporting the SSH method is
far easier than https. Best of all, there's no additional server
configuration.

I'm clearly biased though; I'm interested to know what others think :-)
Regards,
Anthony Liguori
> We can always use "stunnel" to make life easier.
>
> Ian
>
>
>
>> There are some minor issues so I'd rather it not be applied
>> immediately. I'd like to get some feedback from people as to whether
>> this approach is reasonable. A user-facing change is that now you can
>> use the XM_SERVER environment variable to specify an XML-RPC URI.
>>
>> For instance:
>>
>> XM_SERVER='ssh://root@rhesis.austin.ibm.com/RPC2' xm list
>>
>> Runs xm list on a local machine but does all of the RPCs over a secure
>> connection (prompting for passwords).
>>
>> Thoughts?
>>
>> Regards,
>>
>> Anthony Liguori
>>
>>
>
>
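The transport the thread argues about, as an added example that is not part of the original patch or of Xend: a Python `xmlrpc.client` transport that pushes each XML-RPC request through `ssh user@host <remote command>` instead of an HTTPS connection, driven by the same `ssh://root@host/RPC2` URI shape the patch description uses. The remote program name `xend-rpc-stdio`, the `xend.domains` method and the domain list are constructed placeholders; the local stand-in server at the bottom exists only so the example runs offline without an SSH host.

```python
"""Added example: XML-RPC over an SSH pipe instead of HTTPS/basic auth.

Not Xend code. `xend-rpc-stdio`, `xend.domains` and the domain names are
hypothetical placeholders chosen for this example.
"""
import subprocess
import sys
import xmlrpc.client
from urllib.parse import urlparse

# Hypothetical remote program that reads one XML-RPC request on stdin and
# writes the XML-RPC response to stdout (placeholder, not a real Xend binary).
REMOTE_COMMAND = "xend-rpc-stdio"


class PipeTransport(xmlrpc.client.Transport):
    """Exchange one request/response with a child process over stdin/stdout.

    For ssh:// URIs the child is `ssh user@host REMOTE_COMMAND`, so the call
    inherits SSH's host-key verification and PAM/password prompting, and no
    extra listening port has to be opened or firewalled on the server.
    """

    def __init__(self, argv):
        super().__init__()
        self.argv = argv  # argv list form: never interpreted by a shell

    def request(self, host, handler, request_body, verbose=False):
        # host/handler come from the placeholder http:// URI and are unused;
        # the endpoint is fully determined by argv.
        proc = subprocess.run(self.argv, input=request_body,
                              capture_output=True, check=True)
        parser, unmarshaller = self.getparser()
        parser.feed(proc.stdout)
        parser.close()
        return unmarshaller.close()


def ssh_argv(uri, remote_command=REMOTE_COMMAND):
    """Build the ssh command line for an ssh://[user@]host[:port]/path URI."""
    parts = urlparse(uri)
    if parts.scheme != "ssh" or not parts.hostname:
        raise ValueError("expected an ssh:// URI with a host")
    argv = ["ssh"]
    if parts.port:
        argv += ["-p", str(parts.port)]
    target = parts.hostname
    if parts.username:
        target = f"{parts.username}@{target}"
    argv += [target, remote_command]
    return argv


def connect(uri, command_factory=None):
    """Return a ServerProxy for an http(s):// or ssh:// XML-RPC URI.

    command_factory, if given, maps the URI string to an argv list; it lets a
    caller substitute a local process for ssh (the offline self-test does).
    """
    parts = urlparse(uri)
    if parts.scheme in ("http", "https"):
        # Python 3's default SSL context verifies the server certificate.
        return xmlrpc.client.ServerProxy(uri)
    if parts.scheme != "ssh":
        raise ValueError(f"unsupported scheme: {parts.scheme}")
    argv = command_factory(uri) if command_factory else ssh_argv(uri)
    # ServerProxy only accepts http/https URIs; this placeholder is never
    # connected to, because PipeTransport ignores host and handler.
    placeholder = f"http://{parts.hostname}{parts.path or '/RPC2'}"
    return xmlrpc.client.ServerProxy(placeholder, transport=PipeTransport(argv))


# Constructed stand-in for the remote side: a stdio XML-RPC dispatcher with
# one method, run as a local child process so the example works offline.
LOCAL_SERVER = r"""
import sys, xmlrpc.server
d = xmlrpc.server.SimpleXMLRPCDispatcher()
d.register_function(lambda: ["Domain-0", "guest-1"], "xend.domains")
sys.stdout.buffer.write(d._marshaled_dispatch(sys.stdin.buffer.read()))
"""


def local_server_argv(uri=None):
    """Command factory that replaces ssh with the local stand-in server."""
    return [sys.executable, "-c", LOCAL_SERVER]


def list_domains(uri="ssh://root@rhesis.austin.ibm.com/RPC2",
                 command_factory=None):
    """One call over the transport, in the spirit of `XM_SERVER=ssh://... xm list`."""
    return connect(uri, command_factory).xend.domains()


if __name__ == "__main__":
    print(list_domains(command_factory=local_server_argv))
```

Because the request body travels over the child's stdin pipe while ssh reads passwords from the controlling tty, an interactive password or key passphrase prompt still works, which is the "prompting for passwords" behaviour the patch description mentions; for unattended use, key-based auth with `ssh -o BatchMode=yes` is the usual choice so a missing key fails loudly instead of hanging on a prompt.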