[zeromq-dev] zyre and curve key exchange

Wes Young wes at barely3am.com
Wed Jul 12 18:34:15 CEST 2017


> On Jul 12, 2017, at 12:19 PM, Benjamin Henrion <zoobab at gmail.com> wrote:
> 
> We discussed adding encryption support to Zyre at last fosdem zeromq
> hackaton, where we were using the glard daemon.

interesting, have to check it out. assuming that’s this:

https://github.com/CodeJockey/glar150

> I think the simplest use case would be to distribute keys in a "wifi
> pre-shared-key way", like a shared password to decrypt a specific zyre
> channel. I think in the glard case the channel was hardcoded to a
> specific value.
> 
> The idea with encrypted zyre was that your fridge could discover your
> TV, and if the manufacturer would have set the crypto keys in advance,
> both devices could talk to each other in an encrypted way.

understood. the patches i’m working on should cover that- basically just sending the keys down to the various actors and applying them to the sockets leaving “how you exch” at the higher levels. it’s that last step about “is there also a way to enable TLS out-of-the-box” part. because i may do authorization a diff way (and it may be a bit more fluid)…

ty for this. helpful.. :)
--
wes
wesyoung.me

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20170712/805677f1/attachment.sig>


More information about the zeromq-dev mailing list