[zeromq-dev] some ideas for the xauth module in czmq

Peter Kleiweg pkleiweg at xs4all.nl
Fri Jun 27 22:06:54 CEST 2014


I have been looking again at the security features in de Go 
bindings for ZeroMQ, in github.com/pebbe/zmq4 . 

Earlier, I wrote something that offers similar functionality as 
the xauth module in czmq. It supports domains, which are not 
supported yet in xauth (I think I read that somewhere).

Now I have come up with two new features. I think they might be 
useful for xauth too. Both have to do with whitelist and 
blacklist.

One thing I added was to use domains for these too, just like 
already used for plain users and curve public user keys.
Since there can be only one ZAP socket, all differentiation has 
to be done based on socket domains. So you really need this.

The other is to support not only IP addresses, but also IP 
networks, e.g. 123.45.67.0/24





-- 
Peter Kleiweg
http://pkleiweg.home.xs4all.nl/



More information about the zeromq-dev mailing list