[zeromq-dev] EncryptedSocket added to pyzmq in branch

Blair Bethwaite blair.bethwaite at monash.edu
Tue Nov 2 22:22:48 CET 2010


On 3 November 2010 07:57, Burak Arslan <burak.arslan at arskom.com.tr> wrote:
> 1) the zeromq-2.0.10 release is still remotely crashable, so you need a
> trusted network. encryption does not make sense in a trusted network.

I don't follow your logic here. Knowing enough about a network to
allay concerns of rogue clients crashing your servers doesn't preclude
wanting your message payloads encrypted, AFAICT. I agree that, e.g.,
across the internet you want both hardened servers and encryption
(actually you want the former all the time!).

Basically what I mean is that "trust" is not black and white, you
might for example trust your network enough to leave most traffic
unencrypted but wish to encrypt certain messages - perhaps pertaining
to personal information. In fact, it's not much of a stretch to
imagine cases where policy requires message encryption even in a
highly secure and trusted network.


More information about the zeromq-dev mailing list