[zeromq-dev] Message source identification/authentication
Pieter Hintjens
pieterh at gmail.com
Mon May 13 14:34:21 CEST 2013
CurveZMQ will work as a ZMTP plugin and so be available to all languages,
but also at the czmq level for different use cases.
On May 12, 2013 1:34 PM, "Randall Nortman" <rnzmq at wonderclown.net> wrote:
> On Sun, May 12, 2013 at 01:12:11PM -0400, Pieter Hintjens wrote:
> > Hi Randall,
> >
> > I think there's no real problem here, I'll explain why.
> >
> > The one thing I wanted to disable by design in the protocol was mixing
> > different levels of security on one socket; so all clients at least
> > use the same security mechanism. Now, a mechanism like CurveZMQ will
> > allow the server to authenticate each client (we'd do this with
> > out-of-band messages), and attach an internal identifier to each
> > authenticated client, and then attach that to each incoming message.
> >
> > Since 3.x we fixed the API to allow message properties (e.g.
> > zmq_msg_more) in a clean and extensible way. So when we get to this,
> > we can add zmq_msg_sender() that returns the authenticated client ID
> > for the current message.
> >
> > Does this help?
>
> Sounds like zmq_msg_sender() is about what I'm asking for and that
> seems like a great way to do it. Is CurveZMQ going to depend on CZMQ
> though? The website suggests that it will. The other (non-C)
> language bindings don't generally use CZMQ but rather libzmq directly,
> so that could be a problem for me (using Python).
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20130513/d07e7068/attachment.htm>
More information about the zeromq-dev
mailing list