Re: [sr-dev] DMQ security

On Tuesday 29 October 2013 11:17:55 Charles Chance wrote:

Or should I look to implement some kind of authentication mechanism as well? Perhaps something as simple as a pre-shared key would suffice, assuming the messages are encrypted of course. Full digest authentication is way too heavy in my opinion.

Any ideas? Or just leave it up to the user to secure it in network layer?

Are dmq messaged handled automatically, even when dmq_handle_message() is not used?

If not, then, imho, the admin already has plenty of possibilities (IP-based, digest, TLS cert) to do authentication before calling that function. Why force one method if we can just leave it up to the admin to choose whatever fits best in his situation.