Hi,
just released new versions of Crossbar.io and Autobahn|Python
https://pypi.python.org/pypi/crossbar/0.12.1
https://pypi.python.org/pypi/autobahn/0.12.1
Of course, feedback is welcome! And if you like, please spread the word
about Crossbar.io and Autobahn;)
Cheers,
/Tobias
The releases aggregate the last (hopefully) bunch of Python 3 (unicode
vs bytes), and other smaller fixes. But there is more.
A completely new feature is "event history". Often, a subscriber wants
to catch up with the latest event _history_, not only receive new
events. Here is an example:
https://github.com/crossbario/crossbarexamples/tree/master/event-history
Then the releases also contain fixes for WAMP authentication methods.
I've tested all methods on both Python 2 and 3, and we now have full
examples of all auth. methods:
https://github.com/crossbario/crossbarexamples/tree/master/authentication
There are also 2 completely new WAMP authentication methods:
- WAMP-TLS - this is using TLS client certificates for authentication
- WAMP-cryptosign - this is using state-of-the-art, public-private key
based mechanism using Curve25519
Curve25519 is an elliptic curve designed by Dan Bernstein ("djb"). djb
is a crypto guru, and, a trusted person in the crypto community.
Crossbar.io and WAMP-cryptosign are listed here
https://ianix.com/pub/ed25519-deployment.html
under "upcoming" already;)
Looking forward, WAMP-cryptosign will be our preferred authentication
method for our own apps.
The fact that it's public-private key means there are no secrets
whatsoever on the server side, and the fact that it's based on
Curve25519 and NaCl
http://nacl.cr.yp.to/
http://pynacl.readthedocs.org
means it is very secure.
---
Then, there is another crypto thing in the cooking (alpha code is in
above releases already!): WAMP-cryptobox
This, for me, is _the_ most interesting feature in a while!
It's adding an end-to-end encryption option to Crossbar.io and
AutobahnPython (for now, but JS and others is possible too).
Yes, that's right: using e2e, not even Crossbar.io is able to read the
application payload of your calls and events!
This very much preview .. but here is an example that should give you a
better idea of how it looks
https://github.com/crossbario/crossbarexamples/blob/master/encryption/cryptobox/client1.py#L45
The nice thing: once you've added a "keyring" (optionally, configured
per-URI keypairs), it is completely transparent from app code. No code
changes there at all!
---
Crossbar.io 0.12.1 identifies as:
(python351_2) oberstet@thinkpad-t430s:~$ crossbar version
Automatically choosing optimal Twisted reactor
Running on Linux and optimal reactor (epoll) was installed.
__ __ __ __ __ __ __ __
/ `|__)/ \/__`/__`|__) /\ |__) |/ \
\__,| \\__/.__/.__/|__)/~~\| \. |\__/
Crossbar.io : 0.12.1
Autobahn : 0.12.1 (with JSON, MessagePack, CBOR)
Twisted : 15.5.0-EPollReactor
LMDB : 0.88/lmdb-0.9.17
Python : 3.5.1/CPython
OS : Linux-3.13.0-76-generic-x86_64-with-debian-jessie-sid
Machine : x86_64
at the command line. Of course we are running the release now on the
demo instance (on latest PyPy / Linux) as well:
https://demo.crossbar.io/ws
The demo instance now also use Let's Encrypt certificates, and we've
further hardened TLS
https://www.ssllabs.com/ssltest/analyze.html?d=demo.crossbar.io
Also: the demo instance are actually 2 instances behind geolocation
based DNS. Depending on your location, you'll be connected to one of these:
https://cbdemo-us-west-1.crossbar.io/
https://cbdemo-eu-central-1.crossbar.io/
When you open a demo, you should see a statusline at the bottom like
Status: Connected to node cbdemo-eu-central-1 at
wss://
cbdemo-eu-central-1.crossbar.io/ws
that tells you to which instance you are connected.
Note that the instances are not yet clustered (eg when you are connected
to the Votes demo on instance A, you won't get votes on instance B).
---