[systemd-devel] SSL for gatewayd

Holger Winkelmann hw at travelping.com
Wed Jan 16 13:45:26 PST 2013 

On Jan 16, 2013, at 9:57 PM, Zbigniew Jędrzejewski-Szmek <zbyszek at in.waw.pl> wrote:

> On Wed, Jan 16, 2013 at 09:18:22PM +0100, Holger Winkelmann wrote:
>> Thanks for the feedback. In our design we also think about some remote journal
>> logging but want to transport the messages via some form of message protocol.
>> 
>> On the final receiving host we could present the logs via http(s) 
> Thank you for your feedback too :).
> 
> I was thinking of adding UDP or RDS as a transport, with DTLS on top.

Hmm, nice idea as well, we are looking into the messaging directions (coming
from ZeroMQ backgrounds (but don't like the C++ dependencies) 
or SCTP/DTLS but UDP/DTLS is an option too.

> 
> Zbyszek
> 
>> On Jan 16, 2013, at 9:07 PM, Zbigniew Jędrzejewski-Szmek <zbyszek at in.waw.pl> wrote:
>> 
>>> On Wed, Jan 16, 2013 at 07:11:31PM +0100, Holger Winkelmann wrote:
>>>> Holger Winkelmann
>>>> Travelping GmbH
>>>> +49-171-5594745
>>>> 
>>>> ### Sent from a mobile device. Sorry for brevity and typos... ###
>>>> 
>>>> On 16.01.2013, at 18:54, Reindl Harald <h.reindl at thelounge.net> wrote:
>>>> 
>>>>> 
>>>>> 
>>>>> Am 16.01.2013 18:12, schrieb Lennart Poettering:
>>>>>> Sounds good!
>>>>>> 
>>>>>> gntils is a pretty awful library, but the others aren't better, and it
>>>>>> appears to be the right choice here.
>>>>> 
>>>>> search for "openvas gnutls" and "openvas libmicrohttpd"
>>>>> and you become an overview of the quality of both libraries
>>>> Er had Some relative Good Results with PolarSSL and lately the fork tropicSSL
>>>> 
>>>> I was Not following the full discussion here, any reasons against
>>>> classic openSSL apart from size of the library
>>> Hi,
>>> well, we already use libmicrohttpd, and libmicrohttpd is already linked
>>> against gnutls (in Fedora and Debian at least). So if one is using
>>> libmicrohttpd, than it seems reasonable to stick to gnutls.
>>> 
>>> OTOH, libmicrohttpd is quite awful. I have been having a lot of
>>> trouble integrating libmicrohttp in my own epoll loop. I would
>>> be happy to replace it with something different.
>>> 
>>> Zbyszek

-- 
Holger Winkelmann
Managing Director

email: hw at travelping.com
phone: +49-391-819099-223
mobil: +49-171-5594745 (DE)

------------------ managed broadband access ------------------

Travelping GmbH               phone:           +49-391-8190990
Roentgenstr. 13               fax:           +49-391-819099299
D-39108 Magdeburg             email:       info at travelping.com
GERMANY                       web:   http://www.travelping.com


Company Registration: Amtsgericht Stendal Reg No.:   HRB 10578
Geschaeftsfuehrer: Holger Winkelmann | VAT ID No.: DE236673780
--------------------------------------------------------------

More information about the systemd-devel mailing list