
On 01/10/2014 22:23, Wouter Verhelst wrote:
> Hi,
>
> On Fri, Sep 05, 2014 at 03:26:09PM +0200, Wouter Verhelst wrote:
>> Tunneling the entire protocol inside an SSL connection doesn't fix that; if an attacker is able to hijack your TCP connections and change flags, then this attacker is also able to hijack your TCP connection and redirect it to a decrypting/encrypting proxy.
>>
>> I agree that preventing a possible SSL downgrade attack (and other forms of MITM) should be high on the priority list, but "tunnel the whole thing in SSL" doesn't do that.
>
> So, having given this some thought, I wanted to come up with a spec just so that we had something we could all agree on. As part of that, I had a look at qemu-nbd, and noticed that it uses the "oldstyle" handshake protocol (on port 10809 by default -- ew, please don't do that).

Can you use the new-style handshake with a single unnamed export? Export names are a useless complication for qemu-nbd.

Paolo