[rabbitmq-discuss] Securing Messages Over WAN Link
Dushin Fred
fred at dushin.net
Fri Jan 25 14:21:49 GMT 2013
On Jan 16, 2013, at 5:24 AM, Emile Joubert <emile at rabbitmq.com> wrote:
> SSL will not protect the data written to disk by the broker, or messages
> held in RAM in the broker. Message producers should encrypt the message
> payloads if that's what you need.
I would add that if you care about data integrity, then you will also want to include both a cryptographic hash and some sort of sequencing information in the payload, so that consumers can detect attacks that may have, for example, removed or re-ordered messages. If you're even more paranoid, you could also roll keys, so that compromise of a key at one point will not compromise the secrecy/integrity of previous messages, but that is obviously more complicated (== more expensive to implement).
-Fred
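
An added sketch of the scheme described in the reply above, not code from the original post or from RabbitMQ: each payload carries a sequence number and a keyed hash (HMAC-SHA256, used here in place of a bare hash, which anyone able to alter a message could recompute), and both sides roll the key after every message. The class and function names, the 8-byte sequence header and `MAX_SKIP` are assumptions made for the example; payload encryption and the initial key exchange are left out.

```python
import hashlib
import hmac

TAG_LEN = 32       # HMAC-SHA256 output size
MAX_SKIP = 1000    # assumed bound on how far a consumer will ratchet forward


def roll_key(key: bytes) -> bytes:
    """One-way step: the previous key cannot be computed from the new one."""
    return hmac.new(key, b"roll", hashlib.sha256).digest()


def tag_for(key: bytes, header: bytes, payload: bytes) -> bytes:
    return hmac.new(key, header + payload, hashlib.sha256).digest()


class Producer:
    def __init__(self, key: bytes):
        self.key, self.seq = key, 0

    def wrap(self, payload: bytes) -> bytes:
        header = self.seq.to_bytes(8, "big")
        message = header + tag_for(self.key, header, payload) + payload
        self.seq += 1
        self.key = roll_key(self.key)  # old key is discarded after each message
        return message


class Consumer:
    def __init__(self, key: bytes):
        self.key, self.expected = key, 0

    def unwrap(self, message: bytes):
        """Return (payload, missing_count); raise ValueError on tamper/replay."""
        if len(message) < 8 + TAG_LEN:
            raise ValueError("message too short")
        header, tag, payload = message[:8], message[8:8 + TAG_LEN], message[8 + TAG_LEN:]
        seq = int.from_bytes(header, "big")
        if seq < self.expected:
            raise ValueError("replayed or re-ordered message")
        missing = seq - self.expected
        if missing > MAX_SKIP:
            raise ValueError("sequence gap too large")
        key = self.key
        for _ in range(missing):       # ratchet a copy; commit only if the tag verifies
            key = roll_key(key)
        if not hmac.compare_digest(tag, tag_for(key, header, payload)):
            raise ValueError("integrity check failed")
        self.key, self.expected = roll_key(key), seq + 1
        return payload, missing
```

A non-zero `missing_count` tells the consumer how many messages were removed before the one it just accepted; a message that arrives after a later one has been accepted is rejected, because the key it was tagged with has already been rolled away.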