[zeromq-dev] ZAP field (was: Re: ZMTP 1.0 clarification)

Pieter Hintjens ph at imatix.com
Mon Aug 18 10:40:18 CEST 2014

On Sun, Aug 17, 2014 at 10:22 PM, Merijn Verstraaten
<merijn at inconsistent.nl> wrote:

> Right, so the binary format is uint32_t/uint64_t, but with the restriction that the maximum value they should contain is INT32_MAX/INT64_MAX.

Yes. I guess this should be stated explicitly.

> And a, hopefully, last one: The ZAP RFC specifies that an authentication request contains an identity field, which holds: “The identity, the identity of the originating ZeroMQ socket.”, from the protocol structure I’m guessing that the “originating socket” is the “local” one, that is:

It's confusing, even to me when I re-read the RFC. In fact it's the
Identity field provided at connection time in the metadata. I've
clarified that, and renamed "identity" used elsewhere in the document
to "routing ID", which is a term I'd like to use whenever talking
about ROUTER sockets and their address mangling.

> If node A uses a socket with identity Foo to connect to a (server) socket with identity Bar on node B, then the auth request is handled on node B by sending a request with the identity “Bar” to the auth socket, yes?


> Similarly, the auth response contains a user id, but I don’t see mention of it’s use anywhere?

It's provided to the application in the message metadata, as User-ID,
and allows mapping of connections to application-specific user IDs for
access control.


More information about the zeromq-dev mailing list