top | item 10411878

Iris Decentralized Cloud Messaging

33 points| norswap | 10 years ago |bravenewgeek.com | reply

8 comments

[+] bascule|10 years ago|reply
The section on security is just... bonkers.

First it starts by talking about how ZeroMQ security is an "afterthought", linking to an article that should hopefully convince even people with casual security backgrounds this isn't the case: http://hintjens.com/blog:48

For what it's worth: ZeroMQ implements the closest thing to a real-world implementation of Dan Bernstein's CurveCP protocol, with a few design flaws fixed, and also a certificate form that allows a limited hierarchical PKI. Normally I'd say using anything other than TLS is a huge warning sign, but as far as non-TLS protocols go, ZeroMQ's "CurveZMQ" protocol actually ends up looking fairly good in my book.

Iris does none of this, advocating the use of global PSKs. Global PSKs are the bane of security professionals everywhere, as they make any system that shares the PSK the weakest link, greatly increasing the chance that the most overlooked system will become a vector for total system compromise. This is why we've generally seen a move away from such systems to running internal PKIs with unique keys per host.

Instead, they claim:

"This is achieved through the observation that if a node of a service is compromised, the whole system is considered undermined."

This is pretty much the opposite trend of modern crypto practitioners.

It's been a while since I actually looked at their crypto, but at a cursory glance-over again it's hand-rolled and uses bignums without random blinding, greatly increasing the chances of timing side-channels.

If you care about security, you probably shouldn't be using this.
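An added illustration of the blast-radius argument in the comment above; it is not part of the comment and not Iris or ZeroMQ code. It assumes a verifier that checks HMAC tags, uses constructed host names, and stands in for per-host PKI keys with per-host symmetric keys to stay within the standard library.

```python
import hashlib
import hmac
import os

def tag(key, sender, payload):
    # MAC binds the claimed sender name to the payload.
    return hmac.new(key, sender.encode() + b"\x00" + payload, hashlib.sha256).digest()

class SharedPskCluster:
    """Global-PSK model: every host holds the same key."""
    def __init__(self, hosts):
        self.hosts = set(hosts)
        self.psk = os.urandom(32)
    def key_on(self, host):
        return self.psk
    def verify(self, sender, payload, mac):
        ok = hmac.compare_digest(tag(self.psk, sender, payload), mac)
        return sender in self.hosts and ok
    def revoke(self, host):
        # Dropping the name is all that can be done short of rotating the
        # PSK on every host; the leaked copy still signs for other names.
        self.hosts.discard(host)

class PerHostKeyCluster:
    """Unique key per host (symmetric stand-in for per-host PKI keys)."""
    def __init__(self, hosts):
        self.keys = {h: os.urandom(32) for h in hosts}
    def key_on(self, host):
        return self.keys[host]
    def verify(self, sender, payload, mac):
        key = self.keys.get(sender)
        return key is not None and hmac.compare_digest(tag(key, sender, payload), mac)
    def revoke(self, host):
        self.keys.pop(host, None)

def names_accepted(cluster, leaked_key, hosts):
    """Sender names the verifier accepts for MACs made with leaked_key."""
    payload = b"constructed test message"
    return {h for h in hosts if cluster.verify(h, payload, tag(leaked_key, h, payload))}

if __name__ == "__main__":
    hosts = ["web", "db", "batch"]  # constructed host names
    for cluster in (SharedPskCluster(hosts), PerHostKeyCluster(hosts)):
        leaked = cluster.key_on("batch")
        before = names_accepted(cluster, leaked, hosts)
        cluster.revoke("batch")
        after = names_accepted(cluster, leaked, hosts)
        print(type(cluster).__name__, sorted(before), sorted(after))
```

With the shared key, key material taken from one host verifies under every host name and keeps doing so after that host is removed; with per-host keys it verifies only as that host and stops once the key is revoked.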

[+] polskibus|10 years ago|reply
Iris reminds me of Tibco Rendezvous, which as far as I remember was capable of multicast messaging with distributed task queueing. It was efficient last time I used it (ca 6 yrs ago). I wonder how Iris compares to Tibco, which is still used by many financial behemoths.

[+] zok3102|10 years ago|reply
Disclaimer: I work at TIBCO

Yes, Rendezvous is still going strong. Tonnes of deployments in FSI, Telco, Fabs, etc. That said, it's showing its age in the cloud, among a couple of other areas. We typically point users who need low latency data distribution to RV's successor called FTL. Similar peer-to-peer architecture like RV, but new capabilities like multi-transport (tcp/mcast/rdma/shared mem), content-selectors, pub-sub/req-reply semantics. And wicked fast on commodity hardware.

I haven't looked at Iris but the problem of abstracting physical from logical topology in distributed systems has been a major influence on RV and FTL architecture. Real world problem once you move beyond speeds and feeds and "looks ma, sockets!" semantics.

[+] vegabook|10 years ago|reply
It looks like development has slowed down dramatically. In my view, a project which has a large community behind it is far preferable to something which is theoretically superior but new and small, because in the long run, long-lived projects tend to address new use cases (i.e. they evolve), so they don't paint you into a corner, unlike a wonderful-sounding idea whose author seemingly gets bored of it after 12 months.

Personally it is for this reason that I'm going with zeromq, even though I know it has tight-coupling downsides. I was tempted by nanomsg but even this seems to be losing momentum somewhat (please feel free to correct me if the last statement is incorrect).

[+] dozzie|10 years ago|reply
Don't forget to add the "scalable" buzzword.

Oh, there it is in the article. Never mind.

[+] vruiz|10 years ago|reply
Which word would you use instead in that context?