[zeromq-dev] Defaulting to tweetnacl?
Roland Fehrenbacher
rf at q-leap.de
Tue Mar 1 19:45:38 CET 2016
>>>>> "F" == frank <soundart at gmx.net> writes:
F> On 03/01/2016 02:51 PM, Roland Fehrenbacher wrote:
>>>>>>> "P" == Pieter Hintjens <ph at imatix.com> writes:
P> Frank, Thanks for your opinion. You hit it spot on, I think. It
P> is really a relief to have security by default without any
P> external packages.
>>
P> Roland, would this work? Package for Debian using libsodium?
>>
>> I'm a bit confused now. I thought the point of your original mail
>> was that tweetnacl will be the default from now on and kind of
>> substituting libsodium. If that is so, the suggested path for
>> Debian would be to drop libsodium in favor of tweetnacl as well,
>> with tweetnacl linked in as an external lib, just like libsodium
>> currently is.
F> Hi,
F> sorry for causing confusion.
F> I think the old default while building from source was "no
F> cryptolib".
F> If you want crypto you have now two options:
F> - libsodium
F> - tweetnacl
F> Which you can enable with flags to the build system of choice. (I
F> used cmake on linux/debian, but there are others too in libzmq)
F> Libsodium is probably the better solution, except for these two
F> points:
F> - it does not support cmake for building :)
F> - it requires you to install/compile it somehow seperately and
F> make it
F> available to the libzmq build
F> I have tried getting cmake support into libsodium but the pull
F> request was rejected. The second point is too complex for many
F> developers who work on systems not having apt-get.
F> libzmq3 on debian stable depends already on libsodium so has
F> already deviated from the upstream default configuration
F> (thanks!) and enabled crypto. This (== using libsodium) is still
F> the right thing to do in my opinion.
Thanks for this clarification. So does everybody agree on the following:
- Use the included tweetnacl for build/compile convenience
- Use libsodium for clean distribution type of builds
- Technically, both variants are roughly equivalent in terms of
performance, stability and test exposure etc.
--
Roland
-------
http://www.q-leap.com / http://qlustar.com
--- HPC / Storage / Cloud Linux Cluster OS ---
More information about the zeromq-dev
mailing list