On 04/12/2016 07:27 AM, Alex Bligh wrote: > * Call out TLS into a separate section > > * Add details of the TLS protocol itself > > * Emphasise that actual TLS session initiation (i.e. the TLS handshake) can > be initiated from either side (as required by the TLS standard I believe > and as actually works in practice) > > * Clarify what is a requirement on servers, and what is a requirement on > clients, separately, specifying their behaviour in a single place > in the document. > > * Document the three possible modes of operation of a server. > > * Add text defining what 'terminate the session' means during > negotiation, and when it is available. > > Signed-off-by: Alex Bligh <[email protected]> > ---
> +#### SELECTIVETLS mode > + > + > +There is a degenerate case of SELECTIVETLS where all > +exports are TLS-only. This is permitted in part to make programming > +of servers easier. Operation is a little different from FORCEDTLS, > +as the client is not forced to upgrade to TLS prior to any options > +being processed, and the server MAY choose to give information on > +non-existent exports via NBD_OPT_INFO exports prior to an upgrade s/exports prior/responses/ > +to TLS. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________ Nbd-general mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nbd-general
