[zeromq-dev] Generating Curve certs in pyzmq

MinRK benjaminrk at gmail.com
Sun Sep 29 01:27:30 CEST 2013


zcert and zauth are in czmq, not libzmq, and pyzmq doesn't wrap czmq. But
all of these things can be implemented with socket options, etc., which are
up to date with master in pyzmq.  Once some of the auth APIs stabilize, I
will work out what helpful utilities belong in pyzmq (e.g. easy ZAP
threads, etc.).   I'm also working on a PR to put curve_keygen into
zmq_utils, so it is available to all bindings as a library function,
without having to wrap libsodium separately.

-MinRK


On Sat, Sep 28, 2013 at 2:20 PM, Thomas S Hatch <thatch45 at gmail.com> wrote:

> I imagine I am missing something basic here, I can see where the certs are
> being generated in the examples but I am having a hard time tracking down a
> few more things...
>
> 1. In the Ironhouse example the integrity of the client is verified, but I
> am missing where the integrity of the server is verified, can I just add a
> zauth_configure_curve call to the client end and store the server's public
> cert?
> 2. I am having trouble finding the routines in pyzmq to replicate all of
> the routines in the blog post. Are the zcert_new routines in pyzmq's git
> yet? If not, can someone please point me in the right direction to know
> where I can help get them added?
>
> Thanks again for ZeroMQ and for the new Curve stuff, this is going to help
> out immensely!
>
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20130928/d9581a5c/attachment.htm>


More information about the zeromq-dev mailing list