Hi, We are adding TLS support for ZeroMQ(based on 4.2.5). Product reason, we choosed OpenSSL as TLS library.
Ask community for suggestions, which solution below is better? 1. Use TLS public certification, private key, etc as socket option (set through setsockopt), ZeroMQ manages the OpenSSL context, one OpenSSL context per socket_base_t object. 2. Use OpenSSL context as socket option(set through setsockopt), external application should provide the OpenSSL context, with public certification, private key, etc. set in context level, all ssl connections share the same configuration as the input OpenSSL context. At beginning we choosed the first solution, like curve, use public certification, private key as the socket option. But later on, we found the second solution that use external OpenSSL context can make the ZeroMQ code simpler, and more flexible, external application can configure the OpenSSL context without change the ZeroMQ socket options. Welcome your comments. Best regards, Baolong
_______________________________________________ zeromq-dev mailing list [email protected] https://lists.zeromq.org/mailman/listinfo/zeromq-dev
