On Sun, Mar 16, 2014 at 10:30 AM, Frank Hartmann <[email protected]> wrote:
> The CMake flow did not make it into stable? Was there a special reason? Stable is a snapshot of git master from a certain point in time, plus fixes over time. I assume the CMake flow wasn't there when we started the 4.x stable fork. You could start by making sure it works on libzmq master. Then we can see about backporting that to the next stable release. > And finally I tried the CURVE encryption stuff as I was really curious. > Enabling it was very easy and non intruisive, congratulations! Thanks. That was the goal. A lot of people helped make it so. > Obviously I cannot really judge if it encrypts well, but from looking at > wireshark traces it looks like a lot of structure is still visible after > encryption: There's a small discussion of this on the CurveZMQ RFC. You can expand small messages to a certain size to avoid such analysis. You can inject bogus traffic to hide real activity. You'd do this at the application level. We may eventually move such techniques down into the library if they prove to work. > Do you have experienced any reasons why the version should vary > occasionally? No. It's not normal; presumably a race of some kind. > Currently it feels like some sort of race somewhere. Does the client > block while the encryption is established or could it happen, that the > first message is sent while other mechanism are still exchanging keys? The client blocks so it may be an error in libzmq. > BTW: The comment above the zap_handler does not make sense to me, should it? It's referring to code that isn't there any longer. I've fixed it and sent a pull request. Thanks for the review comments. -Pieter _______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
