On Thu, Feb 17, 2011 at 02:48:54AM -0600, DRC wrote: > Since Martin has confirmed that the GnuTLS slow-down is not > system-specific, I propose to move forward with changing the default > server security types such that VncAuth is first and VeNCrypt is implicit.
Ok, ack. I propose this list for server built with GNUTLS: VeNCrypt,VncAuth,TLSVnc and this list for GNUTLS-capable client: VeNCrypt,VncAuth,X509Plain,TLSPlain,X509Vnc,TLSVnc,X509None,TLSNone,None Is it acceptable for you? I'm not sure if we should enable "Plain" sectype (i.e. user + plain password without encryption) because it is quite insecure. Regards, Adam > On 2/11/11 12:09 PM, DRC wrote: > > On 2/11/11 2:24 AM, Martin Koegler wrote: > >> It should be possible (HAVE_GNUTLS not defined). In that case, > >> VeNCrypt + Plain are still available. > > > > > > Right you are. I built without GnuTLS, and Plain definitely does still > > work. That makes me feel better about the feature, in general. > > > > I guess the two outstanding issues, then, are: > > > > -- Should we make VeNCrypt an implicit security type, rather than > > explicit (I say yes.) > > > > -- Should we change the default server order to > > (VeNCrypt),VncAuth,TLSVnc (I also say yes.) > > ------------------------------------------------------------------------------ > The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: > Pinpoint memory and threading errors before they happen. > Find and fix more than 250 security defects in the development cycle. > Locate bottlenecks in serial and parallel code that limit performance. > http://p.sf.net/sfu/intel-dev2devfeb > _______________________________________________ > Tigervnc-devel mailing list > Tigervnc-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/tigervnc-devel -- Adam Tkac, Red Hat, Inc. ------------------------------------------------------------------------------ The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb _______________________________________________ Tigervnc-devel mailing list Tigervnc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tigervnc-devel
