[zeromq-dev] How to use ZeroMQ's security features

Pieter Hintjens ph at imatix.com
Fri Sep 20 10:04:49 CEST 2013


On Fri, Sep 20, 2013 at 9:43 AM, Laurent Alebarde <l.alebarde at free.fr> wrote:

> One question please : In the Iron House, does the authenticator use some
> metadata to open directly the right client's certificate, or does it try
> everyone until it finds a match ?

It looks for a match on the client public key. The metadata will (not
yet implemented) be available to the application so it knows where a
message came from.

> Otherwise, if we have thousands certificates and a lot of clients connecting
> together, we may have a race. I don't know what is the criticity here.

There's no chance of a race. Every client public key is unique and you
can store any number of certificates in a suitable database (CZMQ uses
an in-memory hash table but this is just one possibility).

-Pieter



More information about the zeromq-dev mailing list