-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03/11/2015 02:09 PM, Nux! wrote: > Hello, > > See inline. > >> JIRA: https://issues.apache.org/jira/browse/CLOUDSTACK-8272 PR: >> https://github.com/apache/cloudstack/pull/106 >> >> I need your comment on the following proposal: >> >> 1. If a password has been served by the password server, we >> expire it within next 15 minutes (or suggest other values) if >> acknowledgement is not received. > > If a guest has confirmed the password was retrieved delete it > straight away. I am not sure this is what you asked. :) > How would the guest confirm? Merely retrieving it doesn't guarantee that the client was able to set it. I'd say keep if for 15 minutes, so that the guest can try a couple of times before we expire the password. >> >> 2. If a password is not served by the password server in next >> 1-24 hours (because the VM was in stopped state and was never >> started to receive new password and send ack to remove it from >> VR) it gets expired. What should be a good enough time period, 1 >> hour? 4 hours? 1 day? > > Imho the password should be kept forever, awaiting the guest to > retrieve it. There may be cases where people will regularly reset > the passwords, a VM could stay offline for a while before being > started and getting the new password. > > Will this new python implementation handle SSL connections as > well? I'd be nice if it did https by default with a self-signed > cert unless otherwise specified. > > > Lucian > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVAEAFAAoJEAGbWC3bPspC2pUP/RC/CZwAADZLeAJO3iTkmthQ thMfAk+E4tzFOANSp+63yMZ6rWpjLOPZdb47Tf0Wyyyjgpzk+jMjVZhUXcpq72rb 4LHkKBGlotDHiPsybBslivcBVMEvL1zvDLUgDO2dYJNJA/gNhHICPQ6lvboa3a5W Je0HhspKm8d/hJUYlO+mIZBNt2lARQdv1YZi+KUbTxKU7qWpaCg5B+d7PYK61oxX 8iAmdSBgX3A6xtOwAwZaD/F3AG1R945vyp8ttQZ7bzatG3TO750ULCzGtjhPApeT GYy4EYn5T1qzQVHZe99B9KhMDUadoF3VxjPZ+n2Hu58/20Bm98TJdNrS4HBun4e2 Gwn+u6ankKcgG+5QNsPTO7I+WcYRFVQ6FXTY1CqtWU8PTKuA79Op2Sb71OTu2UrQ BR8VldwIN0CS2mwXZQhLbW6Z6KcjMbjGtoxCZ+yC4HRFPkqbsQ9lsZ5yTv+vq12f b+keYVpWgAfLl7K0LnMYAP+pwzC5Byh52QH2NskkhcdxK5zEAU83cqGaWSXiPXZ0 +z8cK8RP0jQvGrFRpr/S4Ydx96GFoANo8LbTlulP+Oj4x12yh7U5O+gnoiWP/G4b ZKt5GVz9/Akx4rYUlE6ICSyxEiQO0+Tyf4nt64C7ezKRHU21tEeKPSyCRrkyo/8Q JVT7aODxVXRDzdP3fbWK =rbC4 -----END PGP SIGNATURE-----
