On Mon, Jan 15, 2007 at 06:20:19PM +0000, Richard W.M. Jones wrote:
[Apologies that this is not threaded with the original post]
Following on from the issue of certificate management, is the issue of authentication. This hasn't been an issue thus far, because Xen has zero authentication. I'm not planning to make this same mistake with the QEMU management daemon though - its going to have a secure data transport and real authentication from day-1. Thus we need to consider how authentication is exposed at the libvirt client API layer.
First off, there are many possible authentication approaches:
- Username + password - Username + one time key - Username + password digest - Kerberos tickets - x509 certificates - ...etc
I would definitely avoid over-engineering a solution.
Yes, that's my biggest concern at this stage - I think my initial mail proposal has rather lot of complexity which will be a PITA for people using libvirt. For the near-term I think we might be better ignoring my first proposal in this thread & just requiring either a. certificate based authentication or b. username + password, making use of the fact that URIs already have provision for embeedding a username & password, so we'd not need extra libvirt APIs for this. Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|