[zeromq-dev] ZAP / Security refactoring
Jeremy Rossi
jeremy at jeremyrossi.com
Fri Aug 23 19:44:34 CEST 2013
I have been spending sometime with zeromq and zap. With this I am thinking about refactoring the libzmq zap / security code a little to add some features and solve a problem I have.
I think we should be able to stack mechanisms. So that you are are able to use ZMQ_CURVE and ZMQ_PLAIN on the same socket. This would allow secure transport of the username/password with out having to manage the keys. Also in my use case would allow the zap provider to learn the public key of a client while still providing authentication for that learning process.
To achieve this I think the ZAP frame generation and processing should be moved to stream_engine.cpp and make calls into the mechanisms to gather the needed information to send to zap endpoint.
Figured I would start the chat before working on code and get some feedback.
More information about the zeromq-dev
mailing list