Thank you Pieter !
Le 13/09/2013 13:30, Pieter Hintjens a écrit :
Libzmq and libcurve were being written at the same time, so duplicate
all the code used to implement CurveZMQ. One is C++, one is C.
Libzmq assumes tcp:// as the transport and ties its CURVE security
into connection negotiation as required by the ZMTP protocol.
Libcurve's curve_codec class does not assume any specific transport
and could work over anything that provides an addressable transport
(so not PUB-SUB or PUSH-PULL, but ROUTER-DEALER, HTTP, even email.)
Libcurve's curve_client and curve_server classes are pseudo-sockets
that actually do full I/O over ZMQ. The use case for these is
end-to-end privacy across untrusted servers. I'll show this later with
examples but it's far beyond what anyone needs today.
So in conclusion:
* if you want CURVE security in normal ZMQ apps, use libzmq master
(and soon, 4.0)
* If you want to make CurveZMQ work across arbitrary other transports,
you may enjoy libcurve
And finally, there is scope for extracting the CURVE encoding/decoding
from libzmq and making a pure C codec that is used both in libzmq and
libcurve. If anyone feels like it...
-Pieter
On Fri, Sep 13, 2013 at 1:03 PM, Laurent Alebarde <[email protected]> wrote:
Great article. Thank you Pieter.
Could you please elaborate a little more onto libcurve and libzmq/CURVE
"works at a different level" ? How do they compare exactly ?
Cheers,
Laurent.
Le 13/09/2013 11:58, Pieter Hintjens a écrit :
On Fri, Sep 13, 2013 at 11:02 AM, Laurent Alebarde <[email protected]>
wrote:
Shall I understand that CURVE in libzmq implements the same functionalities
as libcurve, but in C++ and fully integrated to libzmq ? Do we inherit
directly of all the available transports (DEALER/ROUTER, STREAM, REQ/REP,
etc) ? And multi-clients management ?
Yes, that's right. I'm writing this up, here's the latest article:
http://hintjens.com/blog:48
In multi-client, the server uses the same long term key-pair for all
clients, and a dedicated short term key-pair for each socket initialisation
? In my understanding, but I have not yet reviewed the libzmq code, there is
one codec per client, them one short term key-pair per client ?
Yes, indeed.
-Pieter
_______________________________________________
zeromq-dev mailing list
[email protected]
http://lists.zeromq.org/mailman/listinfo/zeromq-dev
_______________________________________________
zeromq-dev mailing list
[email protected]
http://lists.zeromq.org/mailman/listinfo/zeromq-dev
_______________________________________________
zeromq-dev mailing list
[email protected]
http://lists.zeromq.org/mailman/listinfo/zeromq-dev
_______________________________________________
zeromq-dev mailing list
[email protected]
http://lists.zeromq.org/mailman/listinfo/zeromq-dev
