qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John O'Hara" <john.r.oh...@gmail.com>
Subject Re: Proposal to unify qpid and AMQP URL formats.
Date Thu, 12 Feb 2009 00:58:13 GMT
TLS doesn't have to be TCP/IP.  From the RFC:"At the lowest level, layered
on top of some reliable transport protocol (e.g., TCP[TCP]), is the TLS
Record Protocol."

For example I could theoretically used TLS over Socket Direct Protocol
over IB.  What is needs is reliability and order underneath.

Also, the AMQP1 negotiation as currently in discussion asserts a
demand for TLS very early on - in fact during the AMQP header
exchange.  So its an option added to AMQP; the current draft header
has a bit for it (talk to Rafi, long discussion).

This would lead to amqp+tls since the ordered connection is already
open and we're asking the TLS + AMQP handshake to begin.

Just my logic, and just 1.0 draft.

Objections I'd be interested in.



2009/2/11 Carl Trieloff <cctrieloff@redhat.com>

> Alan Conway wrote:
>> John O'Hara wrote:
>>> Very well considered, and highly flexible.Compatible with where AMQP1.0
>>> is
>>> heading (wrt TLS handling -- balance of opinion is that TLS will be on
>>> the
>>> same port, as it would be for Kerberos based encryption).
>>> Missed out a TLS example:
>>> amqp+tls://foo:bar@tcp:host1:1234/vhost?clientid=baz
>> I think it's cleaner to put modifiers like TLS into the protocol
>> identifier rather than the URL scheme:
>> amqp://foo:bar@tcp+tls: host:...
>> That gives greater flexibility over protocols used in the host list and
>> avoids the problem of mis-matching modifiers and protocols, e.g. if we have
>> an infiniband protocol then what would amqp+tls://ib:inifinibandstuff/...
>> mean?
>> What do you think?
> tls is tcp,
> so tls/tcp/ib is enough... don't even need ib, as that is just the IP for
> the IB port, everything else is transparent.
> to that tls is just another tcp port for that matter
> Carl.
> ---------------------------------------------------------------------
> Apache Qpid - AMQP Messaging Implementation
> Project:      http://qpid.apache.org
> Use/Interact: mailto:dev-subscribe@qpid.apache.org

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message