Libzmq and libcurve were being written at the same time, so duplicate all the code used to implement CurveZMQ. One is C++, one is C.
Libzmq assumes tcp:// as the transport and ties its CURVE security into connection negotiation as required by the ZMTP protocol. Libcurve's curve_codec class does not assume any specific transport and could work over anything that provides an addressable transport (so not PUB-SUB or PUSH-PULL, but ROUTER-DEALER, HTTP, even email.) Libcurve's curve_client and curve_server classes are pseudo-sockets that actually do full I/O over ZMQ. The use case for these is end-to-end privacy across untrusted servers. I'll show this later with examples but it's far beyond what anyone needs today. So in conclusion: * if you want CURVE security in normal ZMQ apps, use libzmq master (and soon, 4.0) * If you want to make CurveZMQ work across arbitrary other transports, you may enjoy libcurve And finally, there is scope for extracting the CURVE encoding/decoding from libzmq and making a pure C codec that is used both in libzmq and libcurve. If anyone feels like it... -Pieter On Fri, Sep 13, 2013 at 1:03 PM, Laurent Alebarde <[email protected]> wrote: > Great article. Thank you Pieter. > > Could you please elaborate a little more onto libcurve and libzmq/CURVE > "works at a different level" ? How do they compare exactly ? > > Cheers, > > > Laurent. > > > Le 13/09/2013 11:58, Pieter Hintjens a écrit : > > On Fri, Sep 13, 2013 at 11:02 AM, Laurent Alebarde <[email protected]> > wrote: > > Shall I understand that CURVE in libzmq implements the same functionalities > as libcurve, but in C++ and fully integrated to libzmq ? Do we inherit > directly of all the available transports (DEALER/ROUTER, STREAM, REQ/REP, > etc) ? And multi-clients management ? > > Yes, that's right. I'm writing this up, here's the latest article: > http://hintjens.com/blog:48 > > In multi-client, the server uses the same long term key-pair for all > clients, and a dedicated short term key-pair for each socket initialisation > ? In my understanding, but I have not yet reviewed the libzmq code, there is > one codec per client, them one short term key-pair per client ? > > Yes, indeed. > > -Pieter > _______________________________________________ > zeromq-dev mailing list > [email protected] > http://lists.zeromq.org/mailman/listinfo/zeromq-dev > > > > _______________________________________________ > zeromq-dev mailing list > [email protected] > http://lists.zeromq.org/mailman/listinfo/zeromq-dev > _______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
