On Wed, 2016-10-05 at 14:56 +0100, Luca Boccassi wrote: > zauth and zcert can work with any socket and are the correct choice. > Curvezmq was a proof of concept (and made to bring auth for the legacy > libraries) and should not be used with libzmq/czmq as there's built in > support. >
OK so authentication/encryption needs to be (separately) applied to every socket. And if some other part of the system springs up a socket between client & server for its own use, it has to remember to build in the zauth/zcert calls. Mark > On 5 October 2016 at 09:27, Mark Gillott <[email protected]> wrote: > > Suppose we have a server and one or more client applications that > > communicate using a number of 0MQ sockets; a ROUTER-DEALER, a PUB-SUB > > and a REP-REQ. > > > > Is it possible to use CurveZMQ to secure all of these connections? Using > > the various zactor, zcert & zsock_set_curve functions I can secure the > > ROUTER-DEALER connections. But what about the other two? > > > > What I really want is to be able to do is secure the lower layer > > transport such that *any* 0MQ socket between client & server is always > > secure. From the curvezmq.org page: > > > > To secure a single hop between client and server, which is the > > CurveCP use case. For this use case we would embed CurveZMQ in > > the transport layer so that it can work for all patterns > > (publish-subscribe, pipeline, and so on). > > > > Yet I can't find any example. The examples I've seen secure a single > > socket. Have I misunderstood? Can I build a CurveZMQ-based "pipe" over > > which other 0MQ sockets can operate? > > > > Thanks, > > > > Mark > > _______________________________________________ > > zeromq-dev mailing list > > [email protected] > > https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.zeromq.org_mailman_listinfo_zeromq-2Ddev&d=DQIGaQ&c=IL_XqQWOjubgfqINi2jTzg&r=jvQi-CKjLvh8eMz9WSgpXPemqlgP9vG7H0zwS3acfHk&m=gOqAiEHvYlTrTLGnWRWdFSR9dHwNTwB_wmYvb_WDKxM&s=oBgMsrha1azZ7qDvJEl-ki-0QCyO_C1hOC4Q-tDf5Q0&e= > > > _______________________________________________ > zeromq-dev mailing list > [email protected] > https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.zeromq.org_mailman_listinfo_zeromq-2Ddev&d=DQIGaQ&c=IL_XqQWOjubgfqINi2jTzg&r=jvQi-CKjLvh8eMz9WSgpXPemqlgP9vG7H0zwS3acfHk&m=gOqAiEHvYlTrTLGnWRWdFSR9dHwNTwB_wmYvb_WDKxM&s=oBgMsrha1azZ7qDvJEl-ki-0QCyO_C1hOC4Q-tDf5Q0&e= > _______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
