[zeromq-dev] CurveZMQ availability plan ?
Merijn Verstraaten
merijn at inconsistent.nl
Thu Aug 8 17:59:26 CEST 2013
On Aug 8, 2013, at 15:48 , Laurent Alebarde wrote:
> Concerning ZAP, I have re-read the RFC27 and https://github.com/zeromq/rfc/blob/master/src/spec_27.c. Both the use cases and how to use it are unclear to me. BTW, it seems from RFC26 that CurveZMQ provides server and client authentication. So, why would we need ZAP ? There is something I don't catch.
CurveZMQ provides authentication, ZAP provides authorisation.
The naming (i.e. ZMQ Authentication Protocol) is a bit unfortunate. CurveZMQ only deals with "client managed to authenticate", it doesn't decide whether a specific client is allowed to connect to a certain socket (beyond the basic unauthenticated clients can't connect).
ZAP lets you add arbitrary authorisation mechanisms to decide based upon authenticated identity.
Cheers,
Merijn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20130808/58caf398/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20130808/58caf398/attachment.sig>
More information about the zeromq-dev
mailing list