[zeromq-dev] ZMQ and TLS ( again )
varokan at movingsatellites.com
varokan at movingsatellites.com
Fri Jul 20 19:36:57 CEST 2012
Just a quick question regarding encryption.
I read that there are considerations to leverage tcpcrypt or similar for
opportunistci encryption but I also found Wes Youngs GnuTLS implementation
in ZeroMQ itself.
https://github.com/wesyoung/libzmq
I rather prefer the integrated approach Wes Yuong used through
"zmq_setsockopt ( socket, ZMQ_TLS, "true", 5 )" as it is easier to use,
better integrated into the ZeroMQ API, and overall much cleaner from a
users point of view.
What are the chances to integrate this into the latest ZeroMQ code base ?
It seems to me that the impact would be minimal and the benefits would be
outstanding.
If the documentation points out exactly when and how to use TLS, then I
think the concerns about unsupported communication types can be mitigated.
Also if this can be enabled during compile time through a switch to the
configure script it would not interfere with the other core features.
My last point is that the changes which I saw on git seem minimal, which
should be good news to any one concerned about code-bloat.
Encryption is or should be an inherent capability of sockets and socket
libraries in this day and age.
Please consider adding TLS encryption to ZeroMQ, if only as alpha for now.
Thanks,
Varol
More information about the zeromq-dev
mailing list