Wouter, On 9 Apr 2016, at 12:38, Wouter Verhelst <[email protected]> wrote:
> On Sat, Apr 09, 2016 at 12:21:03PM +0100, Alex Bligh wrote: >> An alternative route would be to delete OPTIONALTLS, and make some of >> the MUST requirements in SELECTIVETLS say "MUST xyz unless there are >> no TLS-only exports". However, this makes it rather harder to read, >> so I described that case as a separate mode. > > I understand now. > > However, although I disagree with Daniel on the idea of having a server > which can (in the same process) support both TLS-enabled and > non-TLS-enabled exports, I do agree with him that what you call > OPTIONALTLS is a bad idea, and that it should be discouraged. > > Mentioning that option explicitly is counter to that goal, and I would > therefore prefer that you not add it. > > Also, while we try to negotiate the protocol in such a way that things > remain compatible between implementations who implement a disjoint set > of features from the protocol, I think the long-term goal should be that > STARTTLS and INFO are supported by all implementations (or at least, > that INFO is). In that context, explicitly explaining (in much detail) > what happens when a client doesn't support INFO but does support > STARTTLS seems contraproductive. > > So I'd just drop optional. OK. I will kill it in v6. In practice it means 'if you want to export some things with TLS and some without then you need to implement INFO'. This would be a *good* thing if INFO is brought into the main standard (i.e. taken beyond experimental). Eric's just sent patches for Qemu to qemu-devel. I need to check the implementation on my server is still compliant, but it's basically done. So I may argue for INFO to be put into the body of the standard. >>>> I'd be all for that. Or certainly "SHOULD NOT support LS versions older >>>> than 1.2 by default" >>> >>> Or that. The point is that doing TLS < 1.2 is stupid, especially for a >>> new protocol, so I think we should make it explicit that clients should >>> not try that save in exceptional circumstances. >> >> +1. Do you want to ping me when you have had a chance to review v5 and >> I will collate all of these in to a v6? > > I have, but did not have any further comments. Great. v6 coming up. -- Alex Bligh ------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! http://pubads.g.doubleclick.net/ gampad/clk?id=1444514301&iu=/ca-pub-7940484522588532 _______________________________________________ Nbd-general mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nbd-general
