I'm trying to devise a strategy for dealing with DEALER authentication with PLAIN and CURVE auth, assuming a public network scenario (PLAIN would be applicable if the public hop is encrypted, for instance over an SSL websocket).

I have dealer clients, some of which do only getter ops; some do getter and setter ops. I'd like to give the modify operations different credentials than the observer-only ops. The options I currently see are:

1. different ROUTER sockets - one for inspectors, one for modifiers (which subsumes inspection), so R/O and R/W if you will.
2. a single socket, and tack on a signature frame for modifier ops, generated from message contents and a secret shared between DEALER and ROUTER.

Not fully happy with either - any I overlooked?

(1) would mean going down the route of 'one socket per client credential set', and that doesn't scale well with more than my two (R/O vs R/W) credential sets.

(2) essentially means a message authentication scheme outside ZAP/zauth; however it enables me to create an error return on credential mismatch, something I don't see yet with PLAIN and CURVE as the library stands (messages from a client with bad credentials are just dropped).

Do I read the docs correctly that:

- a CURVE auth scheme with CURVE_ALLOW_ANY is essentially an encrypted pipe without client authentication?
- a recipient (e.g. ROUTER) cannot inspect origin credentials on a per-message basis?
- a CURVE authentication without also encrypting the pipe is not possible (whacky but might make sense if the public hop is encrypted anyway)?

Thanks in advance,
Michael

_______________________________________________
zeromq-dev mailing list
http://lists.zeromq.org/mailman/listinfo/zeromq-dev
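Option (2) above, the per-message signature frame, as an added example that is not part of the original post or of libzmq/pyzmq: the ROUTER-side check over the frames a DEALER sends, using HMAC-SHA256 with a shared secret, a nonce to reject replays, and an explicit error reply instead of the silent drop ZAP gives. Socket I/O is left out; the list passed to `handle` is what the ROUTER would read, identity frame first. The frame layout, op names and nonce handling are assumptions for the example.

```python
import hmac
import hashlib

# Constructed shared secret for the example; distribute the real one out of band.
SECRET_RW = b"example-shared-secret-for-modifiers"

MODIFY_OPS = {"set", "delete"}    # need the signature frame (R/W credentials)
OBSERVE_OPS = {"get"}             # unsigned, observer-only


def sign_frames(secret, frames):
    """HMAC-SHA256 over length-prefixed frames, so frame boundaries are bound too."""
    mac = hmac.new(secret, digestmod=hashlib.sha256)
    for frame in frames:
        mac.update(len(frame).to_bytes(4, "big"))
        mac.update(frame)
    return mac.digest()


def build_request(op, key, value=b"", nonce=b"", secret=None):
    """DEALER side: [op, key, value, nonce] plus a trailing signature for modify ops."""
    frames = [op.encode(), key, value, nonce]
    if op in MODIFY_OPS:
        if secret is None:
            raise ValueError("modify ops require the R/W shared secret")
        frames.append(sign_frames(secret, frames))
    return frames


class RouterHandler:
    """ROUTER side: verify the signature frame and answer with OK or an ERR reason."""

    def __init__(self, secret):
        self.secret = secret
        self.seen_nonces = set()   # bound this (e.g. by timestamp window) in production
        self.store = {}

    def handle(self, frames):
        if len(frames) < 5:
            return [frames[0], b"ERR", b"malformed request"]
        identity, op, key, value, nonce, *sig = frames
        op = op.decode(errors="replace")
        if op in OBSERVE_OPS:
            return [identity, b"OK", self.store.get(key, b"")]
        if op not in MODIFY_OPS:
            return [identity, b"ERR", b"unknown op"]
        if not sig:
            return [identity, b"ERR", b"signature required"]
        if nonce in self.seen_nonces:
            return [identity, b"ERR", b"replay"]
        expected = sign_frames(self.secret, [op.encode(), key, value, nonce])
        if not hmac.compare_digest(expected, sig[0]):   # constant-time compare
            return [identity, b"ERR", b"bad signature"]
        self.seen_nonces.add(nonce)
        self.store[key] = value
        return [identity, b"OK", b""]
```

The ERR frame is what option (2) buys over ZAP: the client learns why its request was refused, while the transport (CURVE or the SSL hop) still has to protect the shared secret and the payload in transit.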
