[zeromq-dev] Just a simple quick question about ZeroMQ security.

Goswin von Brederlow goswin-v-b at web.de
Thu Feb 27 21:11:10 CET 2014


On Tue, Feb 25, 2014 at 09:29:45PM +0100, Pieter Hintjens wrote:
> On Tue, Feb 25, 2014 at 9:53 AM, Goswin von Brederlow <goswin-v-b at web.de> wrote:
> 
> > Obviously NULL is pointless. But so is password. A password can be
> > captured and reused so anyone can simply steal your account. So that
> > leaves public/private key pair.
> 
> They're not quite pointless... :) NULL is compatible with existing
> deployments. That's proven to be a useful thing. PLAIN is a template
> for other mechanisms. It's simple and yet has a real handshake.
> 
> There's a whole thread a few months back on certificates. It's worth
> re-reading that IMO before discussing again. It gets complex, fast
> though.
> 
> -Pieter

I ment pointless for security.

MfG
	Goswin



More information about the zeromq-dev mailing list