On Wed, Nov 23, 2016 at 02:09:50PM -0800, ashish mittal wrote: > On the topic of protocol security - > > Would it be enough for the first patch to implement only > authentication and not encryption?
Yes, authentication is the only critical thing from my POV. While encryption is a nice to have, there are plenty of storage systems which do *not* do encryption. Guest data can still be protected simply by running LUKS on the guest disks, so lack of encryption is not a serious security risk, provided the authentication scheme itself does not require encryption in order to be secure. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|