> Lucian - in the proposal what I meant to say was that in case a password was > sent to a user VM but the user VM does not respond with an ack (so as to > remove > the password from its storage/memory) should it expiry it after a period of > say > 15 mins?
Rohit, seeing that there is logic built into these scripts, then the expected action would be to just wait for the script's ACK indefinitely. If the ACK doesn't come it means the VM is either crashed, or stopped (waiting to be started when the customer wants) etc; there is a reason behind it. > Pierre - I would be happy to implement a SSL based http server which is my > next > step though I’m not sure about the logistics of adding the SSL scripts etc, > which could be similar how it is done for the CPVM/SSVM. The first step is to > remove bash/socat based password server with a Python based server that uses > Threads instead of Forks (so less memory intensive) and cleans up properly. +1 for SSL, particularly important in basic and adv+sg zones. Personally I would not change the current implementation since it works well, although I could see why you would want to as a programmer. Also, by using a proper programming language you've just locked out non-programmers (like me) from being able to debug problems with it - not necessarilly a good argument though. One advantage of the current implementation is that socat can be very easily made to serve SSL http://www.dest-unreach.org/socat/doc/socat-openssltunnel.html , we might end up using socat with your program, too. Lucian
