[zeromq-dev] ZMQ and TLS ( again )
Wes Young
wes at barely3am.com
Mon Jul 23 03:34:46 CEST 2012
> I rather prefer the integrated approach Wes Young used through
> "zmq_setsockopt ( socket, ZMQ_TLS, "true", 5 )" as it is easier to use,
> better integrated into the ZeroMQ API, and overall much cleaner from a
> user's point of view.
:)
> What are the chances to integrate this into the latest ZeroMQ code base ?
> It seems to me that the impact would be minimal and the benefits would be
> outstanding.
fwiw: [at the time] i was waiting for 3.x to settle down a bit before diving back into this.
> If the documentation points out exactly when and how to use TLS, then I
> think the concerns about unsupported communication types can be mitigated.
> Also if this can be enabled during compile time through a switch to the
> configure script it would not interfere with the other core features.
>
> My last point is that the changes which I saw on git seem minimal, which
> should be good news to any one concerned about code-bloat.
we were trying to do it as a compile time argument for starters, and what we started figuring out (to be tested) after reading through [just about all of] libgnutls is that we might even be able to get away with "anonymous" TLS at the zmq level and leave the "Identity / auth" up to the higher levels of the protocol itself (being implemented in our testing as protobuf atm).
> Encryption is or should be an inherent capability of sockets and socket
> libraries in this day and age.
while i don't disagree, and i think the solution will be a rather elegant one (i hope :x); it's a tough problem to solve correctly. some of which is determined by how the low-level stack was/is implemented (the way libzmq works and the way gnutls works)…
> Please consider adding TLS encryption to ZeroMQ, if only as alpha for now.
the original branch i wrote should be considered alpha in and of itself. i hadn't gotten much feedback other than "that's a neat idea" yet. this kind of crypto (at this level) could prove to make zmq unstable, which is why even in the branch you have to add it at compile time as a ./configure flag.
crypto is hard; gnutls is worse; and if you do it wrong you're going to screw a *lot* of people in the process. which is why i'm guessing i haven't gotten a lot of other eyeballs on it just yet either :)
either way, we should have more traction on our end for this come early fall or so. we'll be getting to a point in our project where we'll start testing these kinda links at scale… one way or the other it's on our list of things where it's a requirement to be solved.
cheers,
--
Wes
wesyoung.me
collectiveintel.net