On Fri, Feb 16, 2018 at 10:30:18AM +0000, Daniel P. Berrangé wrote:
> On Fri, Feb 16, 2018 at 11:13:06AM +0100, marcandre.lur...@redhat.com wrote:
> > From: Marc-André Lureau <marcandre.lur...@redhat.com>
> > 
> > spice:// has a weird scheme encoding, where it can accept both plain
> > and tls ports with URI query parameters. However, it's not very
> > convenient nor very common to use (who really want to mix plain & tls
> > channels?).
> 
> Is it worth formally deprecating the mixing of plain & tls on a per
> channel basis in QEMU ?  The idea that you can be secure, and yet
> still have some channels plain text is really dubious and promotes
> dangerous practice to users.

Yup, probably best to deprecate this, even though RHV was still setting
per-channel security last time I checked (but everything was set to
either secure or unsecure).

Christophe

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/spice-devel

Reply via email to