I'm trying to gently introduce my development team to Go. Here are the
requirements for my first project to help prove Go has what it takes:
1. Process #1 on Host A must establish a socket connection with Process #2
on Host B. These are daemon processes which will then push data freely in
both directions simultaneously.
2. The communication must be encrypted in both directions since the data
will be traversing the Internet.
3. Process #1 must be sure it's talking to Process #2 and only Process #2.
4. Process #2 must be sure it's talking to Process #1 and only Process #1.
5. If anyone tries to meddle with data in transit, the connection should be
I'm new to encryption and security, but I know just enough to know that I
shouldn't try to create my own solution.
I've been pointed in some interesting directions, but I'm starting to get
the impression one must tackle 3-4 thick books on the subject, and spend
weeks or months writing test programs and getting familiar with things,
before even knowing where to start on a project like this. (And here I
naively thought this kind of thing would be so common that I could
trivially find a 10 step guide. Nope!)
Public keys, private keys, ciphers, encryption algorithms, certificates,
certificate chains, SSL, TLS, block encryption, stream encryption, trust,
DSA, RSA, pem files... yikes! All I want is a secure channel of
communication! (Well, just a bit more than that, as outlined above.) I feel
a bit like a programmer that just needs to sort a list but has to read the
entire history of sorting algorithms first. It seems like this stuff should
all be in the domain of experts and there should be some kind of nearly
idiot proof CreateSecureConnection() function somewhere instead, with clear
instructions on what exactly to feed it.
From the research I've done already, I think something called TLS has all
the features necessary to meet the requirements above, but getting
everything setup and configured correctly is a little daunting. Can anyone
give me a basic outline to get me started? I don't mind digging into the
details myself... I just want to make sure I have all my bases covered,
since confidential data will be transported between these processes. And of
course, I'm trying to get this up and running quickly to prove Go is
Thanks in advance for any guidance anyone can give!
You received this message because you are subscribed to the Google Groups "golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email to email@example.com.
For more options, visit https://groups.google.com/groups/opt_out.