[zeromq-dev] EncryptedSocket added to pyzmq in branch

Burak Arslan burak.arslan at arskom.com.tr
Tue Nov 2 12:23:49 CET 2010


 On 11/02/10 13:07, Mikael Helbo Kjær wrote:
> Hi
>  
>> 2) it can't tell ciphertext from plaintext. as previously mentioned,
>> this ability requires changes to the wire-protocol. if security-related
>> changes are to be introduced, i'd prefer to start at socket identity
>> signing. (a la dnssec) you can imagine that this is a HUGE can of
>> worms,
>> and i think zeromq has much more security-related problems until we
>> come
>> to that.
> I don't have an informed opinion on the python stuff, but I can't help but having to ask about all of the claims about security and stability related problems I've seen on the list recently. Does zmq have fundamental issues I am unaware off? Or is it as I thought just immaturity? 

i was referring to the issue outlined in the "rogue clients" thread. as
long as you run zeromq in a trusted environment behind a firewall,
you're fine.

my point was that if your environment is trusted, you don't need any
encryption anyway :)

> Regards,
> Mikael
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev




More information about the zeromq-dev mailing list