Stable, yes (at least when we finish it), but not yet recommended for production use because it hasn't been aggressively reviewed by security experts yet. It will be marked as "Experimental" for at least 6-12 months. The goal of putting this into libzmq is to make it easier for people to critique and review it.
-Pieter On Fri, Jun 21, 2013 at 11:29 AM, Shaukat Mahmood Ahmad <[email protected]> wrote: > Good to know that, is current implementation (of security) stable, I > mean can it be used in stable applications? > > On Thu, Jun 20, 2013 at 9:37 PM, Pieter Hintjens <[email protected]> wrote: >> Hi all, >> >> A heads-up that we now have CURVE security partially working on libzmq >> master. >> >> This implements these RFCs: >> >> * http://rfc.zeromq.org/spec:25/CURVE mechanism >> * http://rfc.zeromq.org/spec:26/CurveZMQ >> * http://rfc.zeromq.org/spec:27/ZAP - ZeroMQ Authentication Protocol >> >> Messages are not yet encrypted, this is the next step. >> >> I'll write a blog post about how this would work for 0MQ applications. >> In gross terms you need to provide public/secret keys via >> zmq_setsockopt, and an authentication service via the ZAP protocol (an >> inproc:// API). >> >> We are getting very close to (at least theoretical) fully secure >> authentication and encryption on ZeroMQ tcp:// connections. >> >> Thanks to Martin Hurton for the detailed work on libzmq. >> >> -Pieter >> _______________________________________________ >> zeromq-dev mailing list >> [email protected] >> http://lists.zeromq.org/mailman/listinfo/zeromq-dev > _______________________________________________ > zeromq-dev mailing list > [email protected] > http://lists.zeromq.org/mailman/listinfo/zeromq-dev _______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
