On Tue, Oct 1, 2013 at 4:21 AM, Pieter Hintjens <p...@imatix.com> wrote:

> http://hintjens.com/blog:53


Regarding this specifically:

> I don't see a way to safely share a certificate without some shared secret,
> or resorting to a third party, CA-style. Even if I encrypt the certificate
> with the recipient's public key, they can't authenticate that without
> knowing my public key in advance. Is there a simple answer to this?


It's not possible to establish a secure channel without a prior secure
channel. For infrastructural use of 0MQ I think it would make sense to set
up a certificate authority for a grid, and issue node-specific certificates
which are then signed by the CA.

Have you thought about how to deal with things like CRLs?

-- 
Tony Arcieri
_______________________________________________
zeromq-dev mailing list
zeromq-dev@lists.zeromq.org
http://lists.zeromq.org/mailman/listinfo/zeromq-dev
