On Friday, December 14, 2012 12:23:19 AM Pieter Hintjens wrote: > On Thu, Dec 13, 2012 at 11:42 PM, Jovan Kostovski <[email protected]> wrote: > > I know that ZeroMQ supports TLS > > shared keys encryption... > > It doesn't, yet, unfortunately. > > If you need encryption, you will need to either do it at a lower layer > (VPN), which is usually quite nasty, or else modify the TSP protocol > to do encryption using something like SASL, which is also nasty. > > You can also encrypt per message, using pre-shared keys, which is the > least nasty option IMO.
Another idea is to gateway through a secure protocol such as HTTPS or XMPP when crossing hostile networks. This isn't really a ZeroMQ solution, but if the majority of your sockets aren't at risk and you're just trying to protect a couple of them that go over the internet, it's probably the best choice in terms of secureness vs nastiness. :) It is, however, quite some extra coding. Justin _______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
