[rabbitmq-discuss] ssl certificate to client lookup
matthias at rabbitmq.com
Mon Jul 5 22:15:00 BST 2010
Nathaniel Haggard wrote:
> On Mon, Jun 28, 2010 at 11:46 PM, Lionel Cons <lionel.cons at cern.ch> wrote:
>> In case something bad happens (invalid message, too many messages...),
>> we want to know who sent the offending messages.
That doesn't seem to have anything to do with SSL, intrinsically, i.e.
one can imagine wanting to know the same even when the clients connect
That raises the question of how exactly to identify the sender of a
message to a) consumers, and b) administrators. That is a very large can
of worms, raising issues of trust such as
- How do consumers establish sufficient trust into the server (to supply
the correct information)?
- How do producers establish sufficient trust into the server (to not
pass on information about their identity when they do not intend to, to
not fake such information, etc)?
- How does one deal with proxies/shovels, i.e. entities that relay
information? Do messages passing through them have their original sender
info replaced? Or does the proxy/shovel identity get appended somehow?
None of these issues are particular to AMQP, of course, so the AMQP
working group should build on the work already done in the world of
securing email, web services, etc. There is an AMQP Security SIG, and it
may be worth you describing your use case to them, so they can
incorporate it into their designs.
There is also an issue w.r.t. message fidelity. Currently RabbitMQ
guarantees that the entire message payload, including headers, is
transmitted to consumers unaltered. To some users that is a highly
desirable property of a messaging system.
> If rabbitmqctl list_connections showed the ssl common name in
> client_properties then we could find the queue by joining
> list_connections output with list_queues output on pid and owner_pid
Adding various bits of info extracted from ssl in the list_connections
output would be quite easy and not run into any of the problems
mentioned above associated with trying to attach sender identities to
messages. But ...
Isn't the AMQP user sufficient for this? That can already be shown with
Also, I do not understand how queue owner_pids help you here since the
connections owning the queues are typically from the consumers and not
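The join Nathaniel proposes (list_connections joined to list_queues on pid = owner_pid), as an added example that is not part of this thread: it assumes tab-separated rabbitmqctl output with the connection's pid, AMQP user and a certificate-subject column (the column name peer_cert_subject is an assumption here), and a queue listing with owner_pid; the sample lines are constructed.

```python
import re

# Constructed sample output, as if from:
#   rabbitmqctl list_connections pid user peer_cert_subject
# (peer_cert_subject is assumed for this illustration; the third row has no cert)
CONNECTIONS = """\
<rabbit@host.3.456.0>\tproducer\tCN=producer-1,O=Example
<rabbit@host.3.789.0>\tconsumer\tCN=consumer-1,O=Example
<rabbit@host.3.901.0>\tguest\t
"""

# Constructed sample output, as if from:
#   rabbitmqctl list_queues name owner_pid messages
# owner_pid is only meaningful for exclusive queues; "none" marks the rest (assumption)
QUEUES = """\
orders\t<rabbit@host.3.789.0>\t12
audit\tnone\t3
reply.tmp\t<rabbit@host.3.456.0>\t0
"""

def parse_tsv(text, fields):
    """Turn tab-separated rabbitmqctl-style lines into dicts keyed by field name."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        rows.append(dict(zip(fields, line.split("\t"))))
    return rows

def common_name(subject):
    """Extract the CN attribute from a subject DN string, or None if absent."""
    m = re.search(r"(?:^|,)\s*CN=([^,]+)", subject)
    return m.group(1) if m else None

def join_queues_to_owners(connections_text, queues_text):
    """Map each exclusively owned queue to the AMQP user and cert CN of its owning connection."""
    conns = {c["pid"]: c for c in parse_tsv(connections_text, ["pid", "user", "peer_cert_subject"])}
    result = {}
    for q in parse_tsv(queues_text, ["name", "owner_pid", "messages"]):
        owner = conns.get(q["owner_pid"])
        if owner is None:
            continue  # not an exclusive queue, or the owning connection is already gone
        result[q["name"]] = {"user": owner["user"], "cn": common_name(owner["peer_cert_subject"])}
    return result
```

As Matthias notes, the user column already identifies the connection; the certificate CN only adds a second, certificate-bound name, and the join only resolves queues that are exclusively owned by a live connection.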