[This message was posted by Ryan Pierce of CME Group <[email protected]> to the "Information Security" discussion forum at http://fixprotocol.org/discuss/3. You can reply to it on-line at http://fixprotocol.org/discuss/read/f8f2bd9e - PLEASE DO NOT REPLY BY MAIL.]
The FPL White Paper on this topic: http://www.fixprotocol.org/documents/3569/FIX%20Security%20White%20Paper-1.8-FINAL.pdf discusses both IPSec and SSL/TLS. You might want to look into the latter, as well. I have heard a good deal of buzz around SSL/TLS in FIX circles. I see a number of commercial engine vendors offering support, and at least one open source engine integrating it as well. But the best part is that native engine support for it isn't even required; "stunnel" is an open-source proxy that can transparently sit in the middle of a FIX session and provide SSL/TLS encryption and authentication using X.509 certificates, either for FIX session intiators or acceptors. I do want to caution that stunnel configuration must be done properly. The White Paper referenced above talks about some of the issues. [You can unsubscribe from this discussion group by sending a message to mailto:[email protected]] -- You received this message because you are subscribed to the Google Groups "Financial Information eXchange" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/fix-protocol?hl=en.
