[IPython-dev] pyzmq authentication
Thu Jun 2 13:41:55 CDT 2011
I'm realizing that, in the parallel code at least, there is no way to
maintain these counters in a synchronized way. This is because the
connections are in fact many-to-many, not one-to-many, so the receiver
can't know the count for the sender, and for load-balanced execution
the sender doesn't know who the receiver is. What I've done instead to
prevent sniffed duplicates is to simply keep track of previously seen
digests, and don't allow repeats.
The code is pretty simple, and I'll merge it after the newconfig code is merged.
On Wed, Jun 1, 2011 at 17:29, Min RK <firstname.lastname@example.org> wrote:
> No, I will add it to the Session object in IPython. Like the ssh code, though, there is really nothing IPython specific in the session (aside from the use of traitlets). It's a perfectly general pyzmq utility that you could use anywhere, and might (someday) end up in pyzmq itself.
> On Jun 1, 2011, at 16:53, Jason Grout <email@example.com> wrote:
>> On 6/1/11 6:42 PM, MinRK wrote:
>>> On Wed, Jun 1, 2011 at 16:35, Jason Grout<firstname.lastname@example.org> wrote:
>>>> On 6/1/11 6:04 PM, Jason Grout wrote:
>>>>> For example, we
>>>>> could send a hash of the concatenation of the shared secret and the
>>>>> content of the message.
>>>> Of course, as aptly stated by khrafra  and many others, it's always
>>>> better to use the prebuilt libraries to do signing. Here are two
>>>> standard modules that could do authentication:
>>> Certainly true. I've already started writing the signing code with
>>> hmac, but I have to run
>>> and meet some ZeroMQ folks in San Francisco. I should probably have a
>>> sample up tomorrow.
>> Fantastic! Thanks! Do you mean that you are adding this directly to pyzmq, as a layer above the library wrapper? That's where we would use it, though if it wasn't in pyzmq, I suppose we could always just incorporate the functions themselves into our codebase.
>> Jason Grout
More information about the IPython-dev