From: "Richard W.M. Jones" <rjones@redhat.com>
To: Wouter Verhelst <w@uter.be>
Cc: Florian Weimer <fweimer@redhat.com>,
Hani Benhabiles <kroosec@gmail.com>,
libvir-list@redhat.com, mprivozn@redhat.com,
nbd-general@lists.sf.net, qemu-devel@nongnu.org,
Max Reitz <mreitz@redhat.com>,
Stefan Hajnoczi <stefanha@redhat.com>,
nick@bytemark.co.uk, Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: [Qemu-devel] spec, RFC: TLS support for NBD
Date: Sat, 18 Oct 2014 07:33:22 +0100 [thread overview]
Message-ID: <20141018063322.GC1349@redhat.com> (raw)
In-Reply-To: <20141017220323.GC31287@grep.be>
On Sat, Oct 18, 2014 at 12:03:23AM +0200, Wouter Verhelst wrote:
> Hi all,
>
> (added rjones from nbdkit fame -- hi there)
[I'm happy to implement whatever you come up with, but I've added
Florian Weimer to CC who is part of Red Hat's product security group]
> So I think the following would make sense to allow TLS in NBD.
>
> This would extend the newstyle negotiation by adding two options (i.e.,
> client requests), one server reply, and one server error as well as
> extend one existing reply, in the following manner:
>
> - The two new commands are NBD_OPT_PEEK_EXPORT and NBD_OPT_STARTTLS. The
> former would be used to verify if the server will do TLS for a given
> export:
>
> C: NBD_OPT_PEEK_EXPORT
> S: NBD_REP_SERVER, with an extra field after the export name
> containing flags that describe the export (R/O vs R/W state,
> whether TLS is allowed and/or required).
>
> If the server indicates that TLS is allowed, the client may now issue
> NBD_OPT_STARTTLS:
>
> C: NBD_OPT_STARTTLS
> S: NBD_REP_STARTTLS # or NBD_REP_ERR_POLICY, if unwilling
> C: <initiate TLS handshake>
>
> Once the TLS handshake has completed, negotiation should continue over
> the secure channel. The client should initiate that by sending an
> NBD_OPT_* message.
>
> - The server may reply to any and all negotiation request with
> NBD_REP_ERR_TLS_REQD if it does not want to do anything without TLS.
> However, if at least one export is supported without encryption, the
> server must not in any case use this reply.
>
> There is no command to "exit" TLS again. I don't think that makes sense,
> but I could be persuaded otherwise with sound technical arguments.
>
> Thoughts?
>
> (full spec (with numbers etc) exists as an (uncommitted) diff to
> doc/proto.txt on my laptop, ...)
>
> --
> It is easy to love a country that is famous for chocolate and beer
>
> -- Barack Obama, speaking in Brussels, Belgium, 2014-03-26
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
Fedora Windows cross-compiler. Compile Windows programs, test, and
build Windows installers. Over 100 libraries supported.
http://fedoraproject.org/wiki/MinGW
next prev parent reply other threads:[~2014-10-18 6:34 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-03 16:44 [Qemu-devel] NBD TLS support in QEMU Stefan Hajnoczi
2014-09-04 14:19 ` Benoît Canet
2014-09-04 14:34 ` [Qemu-devel] [libvirt] " Daniel P. Berrange
2014-09-04 15:04 ` Benoît Canet
2014-09-04 15:45 ` Stefan Hajnoczi
2014-09-04 15:54 ` John Snow
2014-09-04 22:07 ` [Qemu-devel] " Wouter Verhelst
2014-09-04 22:54 ` Benoît Canet
2014-09-05 8:42 ` Wouter Verhelst
2014-09-05 12:15 ` Stefan Hajnoczi
2014-09-04 22:02 ` Wouter Verhelst
2014-09-05 8:13 ` Daniel P. Berrange
2014-09-05 8:34 ` Wouter Verhelst
2014-09-05 12:21 ` Stefan Hajnoczi
2014-09-05 6:23 ` [Qemu-devel] [libvirt] " Michal Privoznik
2014-09-05 8:10 ` Daniel P. Berrange
2014-09-05 8:46 ` [Qemu-devel] " Hani Benhabiles
2014-09-05 12:31 ` Stefan Hajnoczi
2014-09-05 13:26 ` Wouter Verhelst
2014-10-01 20:23 ` Wouter Verhelst
2014-10-02 11:00 ` Paolo Bonzini
2014-10-02 13:50 ` Wouter Verhelst
2014-10-08 18:16 ` Wouter Verhelst
2014-10-09 12:42 ` Paolo Bonzini
2014-10-02 11:05 ` Daniel P. Berrange
2014-10-02 11:28 ` Paolo Bonzini
2014-10-17 22:03 ` [Qemu-devel] spec, RFC: TLS support for NBD Wouter Verhelst
2014-10-18 6:33 ` Richard W.M. Jones [this message]
2014-10-20 7:58 ` Daniel P. Berrange
2014-10-20 9:56 ` Stefan Hajnoczi
2014-10-20 11:51 ` Markus Armbruster
2014-10-20 11:56 ` Florian Weimer
2014-10-20 12:48 ` Richard W.M. Jones
2014-10-20 22:10 ` Wouter Verhelst
2014-10-21 9:35 ` Daniel P. Berrange
2014-10-21 18:02 ` Wouter Verhelst
2014-10-20 12:08 ` Daniel P. Berrange
2014-10-20 21:53 ` [Qemu-devel] spec, RFC: TLS support for NBDµ Wouter Verhelst
2014-10-21 8:17 ` Markus Armbruster
2014-10-21 18:30 ` Wouter Verhelst
2014-10-25 10:43 ` [Qemu-devel] [Nbd] " Wouter Verhelst
2014-10-30 10:40 ` Stefan Hajnoczi
2014-10-31 18:15 ` Wouter Verhelst
2014-11-03 14:30 ` Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20141018063322.GC1349@redhat.com \
--to=rjones@redhat.com \
--cc=fweimer@redhat.com \
--cc=kroosec@gmail.com \
--cc=libvir-list@redhat.com \
--cc=mprivozn@redhat.com \
--cc=mreitz@redhat.com \
--cc=nbd-general@lists.sf.net \
--cc=nick@bytemark.co.uk \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
--cc=w@uter.be \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).