[zeromq-dev] Defaulting to tweetnacl?

Pieter Hintjens ph at imatix.com
Tue Mar 1 21:40:32 CET 2016


Well, the main issue with depending on libsodium is that in certain
environments (anything needing CMake) the hassle of building it is so
large that people either don't use ZeroMQ, or use it without security.

The tweetnacl code is much smaller and simpler than libsodium. I don't
think it's accurate to describe it as "less robust" than libsodium.
We'll see how much maintenance it needs over time.

On Tue, Mar 1, 2016 at 9:34 PM, Jim Garlick <garlick at llnl.gov> wrote:
> On Tue, Mar 01, 2016 at 07:45:38PM +0100, Roland Fehrenbacher wrote:
>> Thanks for this clarification. So does everybody agree on the following:
>>
>> - Use the included tweetnacl for build/compile convenience
>> - Use libsodium for clean distribution type of builds
>> - Technically, both variants are roughly equivalent in terms of
>>   performance, stability and test exposure etc.
>
> -1
>
> I thought you made a strong point here Roland:
>
>> While bringing some convenience, I think it's bad practice to bundle
>> external code in one's own project. Most strongly, this applies to
>> heavily security related stuff like an encryption library, IMHO.
>> Will ZMQ provide timely security fixes for tweetnacl?
>
> Let crypto people maintain crypto libs, and distro people worry about
> pushing out security updates whenever possible.
>
> It at least seems wrong to have libzmq silently use builtin tweetnacl if
> libsodium is not found, as that might lead to people not getting the
> robust build they intended.
>
> Jim
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
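The build-time behaviour Jim objects to (silently using the bundled tweetnacl when libsodium is not found) can be made explicit rather than implicit. The following is an added illustration, not libzmq's actual configure logic: a hypothetical `--with-libsodium=yes|no|auto` policy where `yes` fails hard if libsodium is missing, `no` is a deliberate choice of the bundled code, and only `auto` falls back, and then with a warning on stderr. The `pkg-config` probe is the standard way a configure script locates libsodium; the option name and the `select_crypto_backend`/`detect_libsodium` function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example of an explicit CURVE backend selection policy.
# Hypothetical: not the build logic of libzmq itself.
#
#   select_crypto_backend MODE LIBSODIUM_FOUND
#     MODE: yes  -> libsodium required; fail if it is absent
#           no   -> bundled tweetnacl, explicitly chosen by the user
#           auto -> libsodium if present, otherwise tweetnacl with a warning
#     LIBSODIUM_FOUND: 1 if libsodium was located, 0 otherwise
#   Prints the chosen backend on stdout; returns 1 on a hard failure.
select_crypto_backend() {
    mode=$1
    found=${2:-0}
    case "$mode" in
        yes)
            if [ "$found" -eq 1 ]; then
                echo libsodium
            else
                # The user asked for the robust build: refuse to degrade silently.
                echo "error: --with-libsodium=yes but libsodium was not found" >&2
                return 1
            fi
            ;;
        no)
            # Bundled code was requested on purpose; no surprise here.
            echo tweetnacl
            ;;
        auto)
            if [ "$found" -eq 1 ]; then
                echo libsodium
            else
                # Fallback is allowed in auto mode, but never quietly.
                echo "warning: libsodium not found; using bundled tweetnacl" >&2
                echo tweetnacl
            fi
            ;;
        *)
            echo "error: unknown --with-libsodium value '$mode'" >&2
            return 1
            ;;
    esac
}

# Probe for libsodium the way a configure script typically does, via
# pkg-config. Prints 1 when the library is installed, 0 otherwise.
detect_libsodium() {
    if command -v pkg-config >/dev/null 2>&1 && pkg-config --exists libsodium; then
        echo 1
    else
        echo 0
    fi
}
```

To use it from a configure-style script, call `select_crypto_backend "${WITH_LIBSODIUM:-yes}" "$(detect_libsodium)"` and abort on a non-zero return; a packager building for a distribution would pass `yes` and get a build failure instead of a silently weaker binary.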
