[nanomsg] Re: How is security going to be implemented in nanomsg?

  • From: Achille Roussel <achille.roussel@xxxxxxxxx>
  • To: "nanomsg@xxxxxxxxxxxxx" <nanomsg@xxxxxxxxxxxxx>
  • Date: Mon, 16 Jun 2014 09:07:15 -0700

If I may give my opinion on the subject, saying nanomsg is not going to support 
security mechanisms because it's intended to be used inside private networks 
only is equivalent to expecting people not to use the lib at all. 
Maybe your requirements make it that you only have nodes in a single data 
center but companies have multi-data centers architectures and in nowadays 
world you can't trust any external link anymore not to be listened even if 
you're not going to the public internet explicitly. 
On top of that, more and more of our communications are wireless nowadays, 
we're using mobile devices and soon others like flying drones and 
communications on these channels will require some sort of security schema to 
protect communications. 
I think it's a matter of deciding whether nanomsg is designed to solved 5% or 
95% of problems we face when we need to do message oriented networking (numbers 
are made up but you get the idea). 
That being said, the nanomsg design does make it more tricky in some cases to 
integrate existing security solutions, but nanomsg isn't perfect and we can 
work on trade offs to put it in a better place. If your apps require a strong 
security level you're probably willing to give away some features of the 
protocols you're using... There will always be cases where nanomsg was the 
wrong tool and it can't solve every world's issues, but it can be improved to 
help solving most of them. 

Achille Roussel
+1 415 490 6339

> On Jun 16, 2014, at 5:19 AM, Martin Sustrik <sustrik@xxxxxxxxxx> wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
>> On 16/06/14 12:59, Drew Crawford wrote:
>> 
>> There are certainly applications that can fit nicely in these 
>> requirements.  But I think they are primarily, if not entirely, 
>> enterprise-style messaging applications.  So this reinforces what I
>> said earlier, that this trajectory leads to being a great
>> messaging framework, and not an internet communications library.
> 
> Well, yes.
> 
> The good news is that no other library is doing better in this respect.
> 
> Martin
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
> 
> iQEcBAEBAgAGBQJTnuDJAAoJENTpVjxCNN9YeWgH/RfSXe0N5/3DQtiIYWCl1lpE
> 9IZewVsZ9TU92itJo+dGgIy8joJ3l4NWbLQAJl2dI5H2gJwsXTH8z9VET/F0nwvX
> hC9OInpe6Nl/dRjFe8UNaUtbJoNAoMObaF1D+ric+uMUkaGMJprqCOwZcRcxWZ4O
> 5FFLJlQ2v6Yqth9FGEodpIrtTrZLxN18w3MWIEAW8qfrekWbTKl0esK7ppRJXU+N
> 979b7K4dZBIdZ4zavNozHPeN45lzo5GE+1Km5eNaumuw7XvDQciC9s5QI6jKsTLt
> PVNaCsZvoZsQ03PLibz6NSNBTlkejW8RmpW8BaxoGR+d6qdtIEg5ieiBmBkIitY=
> =otwm
> -----END PGP SIGNATURE-----
>

Other related posts:

  1. Home
  2. nanomsg
  3. Archive
  4. 06-2014