[zeromq-dev] Authentication with curve
Pieter Hintjens
ph at imatix.com
Tue Dec 31 03:32:53 CET 2013
On Mon, Dec 30, 2013 at 6:18 PM, Nicolas Delaby <ticosax at free.fr> wrote:
> I would like to know how I can reliably authenticate a peer based on its
> curve public_key value and its identity (assuming the zap_handler is
> coupled with a ROUTER socket) ?
>
> As the zap handler receive only the public_key value but client socket
> identity. Is it safe to consider that the immediate next recv() answer
> from ROUTER contains the identity of the peer I just authorized within
> zap handler ?
You don't authenticate a peer based on its identity. You authenticate
based on public key and optionally the server socket domain. ZAP
authentication happens before any recv() and you cannot depend on any
correlation between the two, except any recv() delivers messages from
an authenticated sender.
-Pieter
More information about the zeromq-dev
mailing list