[zeromq-dev] How to use ZeroMQ's security features
Diego Duclos
sakari at whiteglovegames.com
Fri Sep 20 12:51:01 CEST 2013
After reading through: It seems that, by design, there isn't any way to
securely authenticate someone using purely a username and a password (akin
to SRP for example).
Seeing as the security layer in ZMQ is extensible, is this something that
is possible to add in ?
On Fri, Sep 20, 2013 at 10:04 AM, Pieter Hintjens <ph at imatix.com> wrote:
> On Fri, Sep 20, 2013 at 9:43 AM, Laurent Alebarde <l.alebarde at free.fr>
> wrote:
>
> > One question please : In the Iron House, does the authenticator use some
> > metadata to open directly the right client's certificate, or does it try
> > everyone until it finds a match ?
>
> It looks for a match on the client public key. The metadata will (not
> yet implemented) be available to the application so it knows where a
> message came from.
>
> > Otherwise, if we have thousands certificates and a lot of clients
> connecting
> > together, we may have a race. I don't know what is the criticity here.
>
> There's no chance of a race. Every client public key is unique and you
> can store any number of certificates in a suitable database (CZMQ uses
> an in-memory hash table but this is just one possibility).
>
> -Pieter
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20130920/aa6ed9d0/attachment.htm>
More information about the zeromq-dev
mailing list