Cloned from launchpad blueprint https://blueprints.launchpad.net/nova/+spec/websocket-proxy-to-host-security.
Currently, while the noVNC and HTML5 SPICE clients can use TLS-encrypted
WebSockets to communicate with Websockify (and authenticate with Nova console
tokens), the encryption and authentication ends there. There are neither
encryption nor authentication between Websockify and the hypervisors'
VNC and SPICE servers.
This blueprint would propose introducing a generic framework for supporting
MITM security for Websockify to use between itself and the compute nodes.
Specification URL (additional information):
This bugzilla has been removed from the release and needs to be reviewed and Triaged for another Target Release.
*** This bug has been marked as a duplicate of bug 1025429 ***