CurveZMQ solved the problem of transport reliability *and* security, with a simple API. Don't reinvent your own thing http://curvezmq.org
-
-
Replying to @jedisct1
@jedisct1 oh ho! Question is does it fix@CodesInChaos's concerns about CurveCP2 replies 0 retweets 0 likes -
Replying to @bascule
@bascule@CodesInChaos Didn't look the protocol in detail, but@hintjens can comment.1 reply 0 retweets 0 likes -
Replying to @jedisct1
@jedisct1 if@hintjens followed CurveCP to the letter, the answer is no.@CodesInChaos offered better ideas for handling key compromises2 replies 0 retweets 0 likes -
Replying to @bascule
@bascule@jedisct1@hintjens Very similar to CurveCP, including dubious use of C->S for client authentication. See https://codesinchaos.wordpress.com/2012/09/09/curvecp-1/ …3 replies 0 retweets 0 likes -
Replying to @CodesInChaos
@CodesInChaos@bascule@jedisct1 I've posted a comment on your article. I don't see how the vouch is vulnerable to replay.1 reply 0 retweets 0 likes -
Replying to @CodesInChaos
@CodesInChaos@bascule@jedisct1 ack, but I don't understand how the vouch can be seen by the attacker1 reply 0 retweets 0 likes -
Replying to @CodesInChaos
@hintjens@bascule@jedisct1 For example you might keep c in a HSM for added security but c' on a less secure computer that gets compromised2 replies 0 retweets 0 likes
@CodesInChaos @hintjens @jedisct1 haha, wonder when there will be HSMs with box support ;)
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.