[zeromq-dev] CURVE security on master
Shaukat Mahmood Ahmad
write at sma.im
Fri Jun 21 16:51:15 CEST 2013
@Pieter: Thanks for the update.
On Fri, Jun 21, 2013 at 2:42 PM, Pieter Hintjens <ph at imatix.com> wrote:
> Stable, yes (at least when we finish it), but not yet recommended for
> production use because it hasn't been aggressively reviewed by
> security experts yet. It will be marked as "Experimental" for at least
> 6-12 months. The goal of putting this into libzmq is to make it easier
> for people to critique and review it.
>
> -Pieter
>
> On Fri, Jun 21, 2013 at 11:29 AM, Shaukat Mahmood Ahmad <write at sma.im> wrote:
>> Good to know that, is current implementation (of security) stable, I
>> mean can it be used in stable applications?
>>
>> On Thu, Jun 20, 2013 at 9:37 PM, Pieter Hintjens <ph at imatix.com> wrote:
>>> Hi all,
>>>
>>> A heads-up that we now have CURVE security partially working on libzmq master.
>>>
>>> This implements these RFCs:
>>>
>>> * http://rfc.zeromq.org/spec:25/CURVE mechanism
>>> * http://rfc.zeromq.org/spec:26/CurveZMQ
>>> * http://rfc.zeromq.org/spec:27/ZAP - ZeroMQ Authentication Protocol
>>>
>>> Messages are not yet encrypted, this is the next step.
>>>
>>> I'll write a blog post about how this would work for 0MQ applications.
>>> In gross terms you need to provide public/secret keys via
>>> zmq_setsockopt, and an authentication service via the ZAP protocol (an
>>> inproc:// API).
>>>
>>> We are getting very close to (at least theoretical) fully secure
>>> authentication and encryption on ZeroMQ tcp:// connections.
>>>
>>> Thanks to Martin Hurton for the detailed work on libzmq.
>>>
>>> -Pieter
>>> _______________________________________________
>>> zeromq-dev mailing list
>>> zeromq-dev at lists.zeromq.org
>>> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>> _______________________________________________
>> zeromq-dev mailing list
>> zeromq-dev at lists.zeromq.org
>> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
More information about the zeromq-dev
mailing list