[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libvir] Register libvirtd ports with IANA ?

On Mon, Jun 18, 2007 at 12:09:33PM +0100, Richard W.M. Jones wrote:
> Daniel P. Berrange wrote:
> >For the libvirtd we currently use two ports
> >
> >  16509  - TCP unencrypted stream
> >  16514  - TLS encrypted stream
> >
> >My first thought is that we should really use consequetive port numbers
> >eg 16510 and 16511.
> A few comments ...
> We don't need to use two ports if we either use a "STARTTLS"-style 
> upgrading of unencrypted to encrypted connections (which is the 
> recommended way to do things instead of using two ports), or more simply 
> we just ditch unencrypted connections.  They're disabled by default 
> anyway and not in any way required unless we want libvirt to build 
> without GnuTLS.

The TCP stuff would be useful if you made it listen on and were
using  SSH to connect to libvirt remotely. So since the client sides has
SSH tunnellin support we probably ought to keep the plain TCP server, since
you don't want to be tunnelling  TLS over SSH :-)

> No one got my ZX81 joke, obviously ...

What's a ZX81 ;-P

|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=| 

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]