[Qemu-devel] VNC Websocket TLS support design decisions

[Tim Hardeck <thardeck@suse.de>]

Hi,

I am working on TLS support for VNC Websockets in QEMU and while I 
already got it working I need to make some design decisions.

Websockets over TLS need certificates.
We already have the "x509" vnc parameter for VNC-TLS to provide the 
certificates but user might have one webserver certificate and one for 
VNC TLS authentication. Of course in this case they could use two vnc 
instances.
The other issue is that Websockets TLS should work when vnc-tls is 
disabled since GnuTLS is already a requirement for Websockets anyway.
Should I use this x509 certificate parameter also or add an additional 
parameter like "ws_x509"?

Should there be an option to only allow Websockets over TLS?
For example how to react in case of the option "tls=1".
In my current implementation the Websocket connection is checked during 
initiation for an encryption handshake and and then acted accordingly.

To my knowledge current HTML5 VNC clients do not support another 
authentication then password, so no VEncrypt.
This means that if I enable tls=1 Websockets connection can't be 
established for this vnc instance.
Should I add some workaround to use password authentication for 
Websockets or just document it so users could use two vnc instances for 
this use case?


For my implementation I am using many parts of vnc-tls. I am planning to 
make some functions in vnc-tls more flexible or add some checks to allow 
them to be used for Websocket TLS connections.
Would this be OK or do you have other suggestions.

Thanks in advance
Tim

-- 
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix 
Imendörffer, HRB 16746 (AG Nürnberg)
Maxfeldstr. 5, 90409 Nürnberg, Germany
T: +49 (0) 911 74053-0  F: +49 (0) 911 74053-483
http://www.suse.de/