If I may say something here... the original question was how to append
the VNC header, so that the VNC client-compatible RFB auth could be
supported. We all know this is not "secure", but it's a common
feature of VNC and supporting it is not a bad thing IMHO. Adding it
to QEMU is no less secure than using a regular Xvnc server with rfb
auth enabled. You can always tunnel this via ssh to make it secure,
or use it over a VPN. I doubt any serious user really considers it
unbreakable security, when it is really just advertised as
authentication, which is not the same thing. Generally speaking, if
you are going to act like a VNC server (which QEMU now does), why not
support the type of authentication that the regular VNC clients
support? I think discrediting someone's attempt to post a patch to
support this by turning it into a security analysis among other things
is probably a good way to scare people away from contributing to this
open source project we all love. I don't see an RFB auth patch and
support for some strong type of encryption as a separate patch as
mutually exclusive.
Regards,
Leo Reiter
On 2/22/07, Johannes Schindelin <[EMAIL PROTECTED]> wrote:
Hi,
On Thu, 22 Feb 2007, Anthony Liguori wrote:
> Johannes Schindelin wrote:
> >
> > This invariably leads to user confusion. ("But I _did_ use encryption?
> > What do you mean, it is not encrypted, and the handshake is weak?")
> >
>
> I understand. The solution is education. The documentation for vnc
> auth support should make it very clear that it's plain-text equivalent.
Blessed are you when your users read documentation...
Ciao,
Dscho
_______________________________________________
Qemu-devel mailing list
Qemu-devel@nongnu.org
http://lists.nongnu.org/mailman/listinfo/qemu-devel
_______________________________________________
Qemu-devel mailing list
Qemu-devel@nongnu.org
http://lists.nongnu.org/mailman/listinfo/qemu-devel
