[zeromq-dev] Fwd: Access control

Oliver Smith oliver at kfs.org
Tue Jul 27 17:58:27 CEST 2010

On 7/27/2010 10:54 AM, Pieter Hintjens wrote:
>> Wait - they can connect to our publisher: otherwise the Internet
>> wouldn't be much use from behind NAT. It's just making connections back
>> to them that's difficult.
> Of course they can connect to the publisher but there is no way for
> your application code to authenticate those connections.
Ah - that's where initially treating the socket as a REQ/REP came in: 
they would connect to me, send me their authentication data, and if 
that's accepted, then I would move that underlying socket to the members 
of my middle-level pub/sub pair (with me as pub, them as sub).

- Oliver

More information about the zeromq-dev mailing list