Hey, On Wed, Jan 28, 2015 at 05:44:42PM +0100, Joerg wrote: > Hello, > > i'm experiementing with spice/libvirt. > > I like to achieve a secure (encrypted) connection to an qemu VM > started by libvirt with client authentication based on certificates. > > I'm as far as having a running spice server on an tlsport. > > But from the documentation i could find, i suppose this connection is > only validated in terms of server authenticity. > > The server does not validate the client certificate. > Is that true?
Yes, as far as I know, the spice-server is not able to authenticate clients connecting to it. > > Could you shed some light on how secure spice connection > are supposed to work. Not having the client authenticated seems not > correct in this scenario. I agree that this is something which would be nice to have, though I think this is the first time someone mentions this. Could you file a bug for that? Thanks, Christophe
pgp6d7sKWtXcM.pgp
Description: PGP signature
_______________________________________________ Spice-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/spice-devel
