Hi Pieter,
I am not sure, from the basic security principles
<http://en.wikipedia.org/wiki/Information_security#Key_concepts>:
Confidentiality, Integrity, Availability, Authenticity, Non-repudiation,
which one are covered by CURVE ?
I assume (in parenthesis, the defenses listed in the curve RFC
<http://rfc.zeromq.org/spec:26>):
* Confidentiality: yes (Eavesdropping, Key theft attacks, Identifying
the client)
* Integrity: yes (Altering data)
* Availability: restricted, has to be performed at system level
(Denial-of-Service attacks)
* Authenticity: yes (Fraudulent data, Replaying data, Amplification
attacks, Man-in-the-middle attacks,
* Non-repudiation: I realy don't know
Can you confirm or correct me please.
Cheers,
Laurent
_______________________________________________
zeromq-dev mailing list
[email protected]
http://lists.zeromq.org/mailman/listinfo/zeromq-dev
