On Fri, Feb 16, 2018 at 10:30:18AM +0000, Daniel P. Berrangé wrote:
> On Fri, Feb 16, 2018 at 11:13:06AM +0100, marcandre.lur...@redhat.com wrote:
> > From: Marc-André Lureau <marcandre.lur...@redhat.com>
> > 
> > spice:// has a weird scheme encoding, where it can accept both plain
> > and tls ports with URI query parameters. However, it's not very
> > convenient nor very common to use (who really want to mix plain & tls
> > channels?).
> Is it worth formally deprecating the mixing of plain & tls on a per
> channel basis in QEMU ?  The idea that you can be secure, and yet
> still have some channels plain text is really dubious and promotes
> dangerous practice to users.

Yup, probably best to deprecate this, even though RHV was still setting
per-channel security last time I checked (but everything was set to
either secure or unsecure).


Attachment: signature.asc
Description: PGP signature

Spice-devel mailing list

Reply via email to