[IPython-dev] pyzmq authentication

MinRK benjaminrk@gmail....
Wed Jun 1 18:42:49 CDT 2011


On Wed, Jun 1, 2011 at 16:35, Jason Grout <jason-sage@creativetrax.com> wrote:
> On 6/1/11 6:04 PM, Jason Grout wrote:
>> For example, we
>> could send a hash of the concatenation of the shared secret and the
>> content of the message.
>
> Of course, as aptly stated by khrafra [1] and many others, it's always
> better to use the prebuilt libraries to do signing.  Here are two
> standard modules that could do authentication:

Certainly true.  I've already started writing the signing code with
hmac, but I have to run
and meet some ZeroMQ folks in San Francisco.  I should probably have a
sample up tomorrow.

>
> Standard Python module: http://docs.python.org/library/hmac.html
>
> Google Keyczar: http://www.keyczar.org/
>
> Thanks,
>
> Jason
>
>
> [1]
> http://www.reddit.com/r/netsec/comments/attt2/dont_hash_secrets/c0jdilj
> : Haha.. you fool! You fell victim to one of the classic blunders. The
> most famous is: Never get involved in a land war in Asia. But only
> slightly less famous is this: Never attempt to roll your own crypto when
> there's a well-tested library that'll do it better!
> _______________________________________________
> IPython-dev mailing list
> IPython-dev@scipy.org
> http://mail.scipy.org/mailman/listinfo/ipython-dev
>


More information about the IPython-dev mailing list