Thanks for the update. I was holding out hope that someone might have taken a
crack at it already.
Yes, TLS is a pretty complicated protocol that supports tons of different
cipher suites and options. I certainly wouldn’t recommend reimplementing the
protocol natively inside 0MQ.
I’m just curious about how hard it would be for 0MQ to use (and expose) a D/TLS
implementation instead of TCP / UDP?
I’m guessing the primary obstacles would be dependence on an external D/TLS
library (which maybe could be addressed with conditional compilation), how to
have a simple 0MQ API that exposes the functionality / configurability of the
D/TLS transport, and possibly objections to the security models (e.g. - X509
certs, CAs, HMAC then encrypt, etc.) of TLS itself.
On Feb 13, 2018, at 5:42 PM, Luca Boccassi <luca.bocca...@gmail.com> wrote:
The situation is the same - security is only supported through Curve or
Not for any particular reason if not that nobody has contributed any
other implementation. This is probably due to the fact that SSL is
awfully, awfully complex (but I understand your requirements.
zeromq-dev mailing list