On Tue, Apr 12, 2011 at 9:32 PM, Dan Ellis <[email protected]> wrote:
> I'm re-posting this here, because the IRC channel is very quiet. Easter holidays, at least in some parts of the world... > I was thinking zmq would be an excellent protocol to build upon for a > chat server... For sure. > I could have the authentication cause a new, dedicated PUB socket to > be created, and give its port number in the response, but that would > lead to a race condition where someone else could connect as soon as > it was opened. I've not yet covered authenticated pub-sub in the Guide but there are a few options. I'd avoid 'secret' ports since it's trivial to discover open ports by scanning. The proper, secure, way is to authenticate clients on one port, which would be a ROUTER in the server and a REQ or DEALER in the client, and then provide the clients with a key. A good pattern would be the Freelance pattern from the Guide Chapter 4. Secondly, to encrypt each channel with a key, so the clients can decrypt it, and use a single pub/sub socket for all channels. Encrypting/decrypting like this will cost a little CPU but that's not relevant for chat. You can then authenticate per client/channel, and create public channels that aren't encrypted, vs. private ones that are. Hope this helps. -Pieter _______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
