31 Oct
2013
31 Oct
'13
4:53 a.m.
On Tuesday 29 October 2013 11:17:55 Charles Chance wrote:
Or should I look to implement some kind of
authentication mechanism as well? Perhaps something as simple as a
pre-shared key would suffice, assuming the messages are encrypted of
course. Full digest authentication is way too heavy in my opinion.
Any ideas? Or just leave it up to the user to secure it in network layer?
Are dmq messaged handled automatically, even when dmq_handle_message() is not
used?
If not, then, imho, the admin already has plenty of possibilities (IP-based,
digest, TLS cert) to do authentication before calling that function.
Why force one method if we can just leave it up to the admin to choose
whatever fits best in his situation.
--
Alex Hermann