There's a guide to ZeroMQ v4's security, on http://hintjens.com/blog:_zeromq.
JeroMQ support is coming, without timelines. It always depends on pull from users and funding. All security is experimental until it's broken. Rolling your own security would be the worst option. You can study the CurveZMQ docs in detail to see how it works, and get some level of confidence. It comes down to trusting NaCl and CurveCP, and the implementation of CurveZMQ in libzmq. At this stage I'd assume there are far easier exploits into a ZeroMQ peer than by cracking its front-door security, if you use CURVE. I hope this helps. -Pieter On Sat, Feb 15, 2014 at 3:05 PM, Stephane Wirtel <[email protected]> wrote: > May be use the same principle of salt, use aes > > On 15 févr. 2014, at 02:41 PM, Mark Wright <[email protected]> > wrote: > > I'm looking to at least encrypt messages on the wire, at most to mutually > authenticate clients and servers. The CurveZMQ site says that it's > "experimental" - is it not ready for use? > > Is there a timeline for JeroMQ support? > > -- > Mark Wright > [email protected] > > _______________________________________________ > zeromq-dev mailing list > [email protected] > http://lists.zeromq.org/mailman/listinfo/zeromq-dev > > > _______________________________________________ > zeromq-dev mailing list > [email protected] > http://lists.zeromq.org/mailman/listinfo/zeromq-dev > _______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
