On Wed, 2015-02-25 at 10:46 -0500, Alan Conway wrote: > ... > One ignorant question: Qpid has a min/max "Security Strength Factor" for > encryption rather than a binary enable/disable. Is that relevant here?
(Hardly an ignorant question!) You make a very good point, and this design may indeed be a little simplistic - largely because I've not implemented the encryption side yet! 1. I doubt that max ssf is all that useful in practice. 2. Effectively pn_transport_require_encryption() is the same as setting min ssf >1, but is simpler to understand! An alternative might be pn_transport_require_ssf(int) however that isn't as clear and it's not obvious how to choose the ssf value. Perhaps the '1' should be configurable differently. Some input from those who did the similar work in qpidd might be useful. Just some random wittering. Andrew --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
