From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:52087) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YJ0wS-0004V6-N6 for qemu-devel@nongnu.org; Wed, 04 Feb 2015 09:28:33 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YJ0wM-0001Er-Je for qemu-devel@nongnu.org; Wed, 04 Feb 2015 09:28:32 -0500 Received: from mail-wi0-x22e.google.com ([2a00:1450:400c:c05::22e]:36219) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YJ0wM-0001Ei-DL for qemu-devel@nongnu.org; Wed, 04 Feb 2015 09:28:26 -0500 Received: by mail-wi0-f174.google.com with SMTP id n3so32219212wiv.1 for ; Wed, 04 Feb 2015 06:28:25 -0800 (PST) Sender: Paolo Bonzini Message-ID: <54D22C86.8050100@redhat.com> Date: Wed, 04 Feb 2015 15:28:22 +0100 From: Paolo Bonzini MIME-Version: 1.0 References: <20150204113229.GN3032@redhat.com> <20150204130821.GH2329@work-vm> <20150204140259.GR3032@redhat.com> In-Reply-To: <20150204140259.GR3032@redhat.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] RFC: Universal encryption on QEMU I/O channels List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Daniel P. Berrange" , "Dr. David Alan Gilbert" Cc: amit.shah@redhat.com, Marcel Apfelbaum , qemu-devel@nongnu.org, quintela@redhat.com On 04/02/2015 15:02, Daniel P. Berrange wrote: > > I'm not sure if it makes sense for RDMA; it already has a couple of hooks > > that go around the back of QEMUFile in migration, and it's transferring the > > data via DMA so the page data doesn't go through the same path. > > Could you ever anticipate any need for authentication or encryption in > the RDMA based channel ? I don't know enough about RDMA myself to know > if it makes sense or not, other than the fact that any channel between > two separate hosts needs security at some level in the stack. Authentication, possibly; but I don't think encryption makes sense. Marcel? Paolo