Re: [Nbd] doc/proto.md: TLS question
- To: Wouter Verhelst <w@...112...>
- Cc: "nbd-general@lists.sourceforge.net" <nbd-general@lists.sourceforge.net>
- Subject: Re: [Nbd] doc/proto.md: TLS question
- From: Alex Bligh <alex@...872...>
- Date: Thu, 7 Apr 2016 12:42:53 +0100
- Message-id: <CB8B85CD-04D1-4203-947F-52445E55039C@...872...>
- In-reply-to: <5C45717D-1736-4F35-8EF5-649CD6737EFE@...872...>
- References: <AA5BB2F4-E122-4372-9121-95FA94A48AB2@...872...> <20160406183201.GA14152@...3...> <AC38E144-1D9E-48C3-822F-AE25CF0296AC@...872...> <20160406194941.GA22415@...3...> <5C45717D-1736-4F35-8EF5-649CD6737EFE@...872...>
Wouter,
On 6 Apr 2016, at 22:04, Alex Bligh <alex@...872...> wrote:
>>>>> I think this should thus be deleted.
>>>>
>>>> No, it must stay.
>>>>
>>>> There's currently no way to detect whether a particular export supports
>>>> TLS. If the client wants to connect to an export that the server only
>>>> exports through TLS, then the server must drop the connection upon
>>>> NBD_OPT_EXPORT_NAME. This is part of why we need INFO/GO.
>>>>
>>>> INFO/GO modifies TLS_REQD in that it makes it legal for TLS_REQD to be
>>>> sent as an error reply *for those two requests* if a particular export
>>>> requires TLS but another one does not. Once the INFO extension is no
>>>> longer experimental, the above-quoted language will indeed need to be
>>>> changed, but for now a server can only send it in the "I don't do no
>>>> steenking cleartext" case, and then that language is correct.
>>>
>>> Mmmm... I think it could be 'improved' then :-)
>>
>> That isn't something I'm opposed to :-)
>
> OK I'll have a go. Something there also mentions NBD_PEEK_EXPORT
> I think so I'll fix that too.
I've just sent through a patch which (I hope) clarifies
greatly the documentation.
I think part of the difference is what one means by 'optional'
in the sense of a NBD server. Originally (before NBD_OPT_INFO)
I think optional was meant to mean 'either TLS or not, whatever
export you choose', whereas NBD_OPT_INFO definitely permits
'selective' tls, i.e. some exports are tls-only, and some are
either. In fact I think selective TLS (as well as optional
TLS) should be permitted without NBD_OPT_INFO, and whilst
it's ugly as sin without NBD_OPT_INFO, actually TLS as a whole
is pretty ugly without NBD_OPT_INFO.
I've tried to set these out in my document. If you think selective
TLS should not be permitted without NBD_OPT_INFO support, we
just need to change a few 'SHOULD's to 'MUST's.
I've added Daniel & qemu-devel added as CC to the patch (but not
this message) as I think qemu is the only user, apart from
my gonbdserver (with which it interoperates successfully), so
perhaps best move the conversation to that.
--
Alex Bligh
Reply to: