-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 20/11/14 07:10, Jason E. Aten wrote: > 1. I see RFC 1078 is generally condemned as a security risk due to > the HELP command returning a catalog of registered servicepoints, > facilitating network scanning. Can that be disabled, at least by > default? Yes. There's no HELP command in the implementation. > 2. The case *in*sensitivity of the 1078 service names would seem > to create more problems than it solves, and seems a poor choice. I > would prefer case sensitive names and some kind of specification of > the name strings binary format (utf8? ascii?) The spec was written in 1988, so I guess it's ASCII. Still, RFC 1078 is far from perfect. I've implemented it mainly because it is very simple. In the end, we maybe want to use WebSocket multiplexer instead. > 3. Bad experience: I've had even UUIDs collide. Hence it would be > great if the service could provide atomic registration of a > known-not-to-collide name prefix or suffix, so there's no > probability, however small, of failure. With tcpmux it should be > trivial to implement, and provide clients iron-clad guarantee of > that this name is a true nonce, never before and never again > issued. This would be a strong selling point, making client side > programming much easier. How would you do that? IANA-style registration or something programmatic rather? On a kind of related topic, I was thinking about binding to whole namespaces with WebSocket multiplexer. So, if you bind to URL "/services" you would get all the connections to "/services/foo", "/services/bar" et c. > 4. Is there sample client code available? The callback/second half > of a service-provider code is probably here on stack overflow. Is > there sample code as to how would I register with tcpmux prior to > the callback? > > http://stackoverflow.com/questions/2358684/can-i-share-a-file-descriptor-to-another-process-on-linux-or-are-they-local-to-t It's > done inside of nanomsg, just use "tcpmux" transport. Or do you want to use the multiplexer outside of nanomsg? If so, the code is pretty trivial. I can put it online in case of need. Martin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAEBAgAGBQJUba08AAoJENTpVjxCNN9YIHQH/jUZ8d61VJObrFJwk+aP8PXW RFD5xrnsa/ZxzvOspe/XsW9W5Y5SGdBMSwpkxNAWSb7ogyFN7svkKMkPb8vNizmH D4F3x06ZQmDMaRDNtrSfLKzHVhGRwBW3CwZTQsDePix8d/8kEYo7FpBT6aVsZWDK +989xwlci6gKYtoFa+guEHlzf2EoNckcKZoMnzHQQSIhl7aLpcC52nIB4aoQg9Vr XoFn/I7l/4GDnnb5H72oN38nRtN1tFyE93RQxS/zEf51i38Zr4EeejPWexn2GOdF F6wP1/lxI9MMUP/b1VG3AxdT73RRUnf23vr6Vd8DCtlvBTvD31kvQBzib7zuop8= =i5CS -----END PGP SIGNATURE-----