Re: [PATCH v2] doc: Define a standard URI syntax for NBD URIs.
On Tue, May 28, 2019 at 11:35:36AM +0100, Richard W.M. Jones wrote:
> Differences since v1:
>
> - Make clear that we defer all questions about the NBD protocol
> or how it works to the NBD protocol document.
>
> - Make clear that the userinfo field is only needed for TLS
> (not for NBD itself).
>
> - `socket` parameter is still required, because I'm unhappy about
> a client opening a local file if no socket is specified (it's
> far more likely to be an error and opening a local file could
> raise security concerns).
>
> - Add various tls parameters. The most controversial(?) aspect of
> this is that I've gone with qemu-style certificates directory.
This is certainly good from QEMU's POV. QEMU has standardized
its own internal APIs handling loading of certificate, so even if
the NBD spec gave a different filenaming convention, QEMU would
likely carry on which what it already uses. It is more important
to QEMU to have consistent TLS cert filenames across all of its
different network services.
At least this part is merely a "SHOULD" and not a "MUST", so
applications do have flexibility to ignore this rule if they
so choose.
> - Document how clients which do not support TLS should behave.
>
> - Document that Unix domain sockets may begin with an ASCII NUL
> character on some platforms.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
Reply to: