[zeromq-dev] Curve question... changing keys after binding server socket...

Keith Henrickson keith.henrickson at nominum.com
Tue May 20 02:44:53 CEST 2014

Presently once the server socket is bound, the keys can never change, as they’re not read from the socket options again.

Not a bad idea, but I’m wondering if that would ever change? Would the server side ever be changed to read the keys from the options upon each connection?

If the server keys were allowed to change, what would happen to connections in progress? It looks to me like the long-term keys are not involved in the per-message crypto, so my guess would be that changing the server’s long-term secret would have no effect on connections that have already negotiated?

