Marketcetera.org › m-etc-users

SSL / FIX Encryption, feature request?

4 messages Options
Embed this post
Permalink
omsmaster

SSL / FIX Encryption, feature request?

Reply Threaded More More options
Print post
Permalink

First off want to say I am just starting to poke around with the
Marketcetera platform, but so far it seems VERY interesting...

I see that in one of the current release there is support for SSL
connection to a FIX destination.  I am guessing that basically means
between the OMS and Brokers/Exchange/ECN?  But, trying to figure out
if that means FIX Encryption, or something else?  Is FIX Encryption
something  handled by QuickFIX engine already, or is that what you
mean by SSL?

Is the connection between Photon and OMS SSL encrypted?

Again, just getting my feet wet with it, but very cool!

_______________________________________________
m-etc-users mailing list
[hidden email]
http://lists.marketcetera.org/cgi-bin/mailman/listinfo/m-etc-users
gm-mrktc

Re: SSL / FIX Encryption, feature request?

Reply Threaded More More options
Print post
Permalink
Hello, and thanks for the words of encouragement.  You are indeed
correct that we are talking about an SSL connection between the OMS
and the broker/exchange/ECN.  I believe that for brokers that allow
connections over the Internet, this is fairly common, and indeed we
have at least one customer who requires it.

The reason that we included it in the release notes for our latest
version was that Toli (in addition to being a Marketcetera maintainer
is also a committer to QuickFIX/J) had added the ability to do SSL
authentication in both directions.  QuickFIX/J already had the ability
to encrypt the stream, but now we can do authentication (which is
optional in the SSL protocol) as well.

The way this is generally implemented is that the FIX layer of the
application code is generally unaware of the use of SSL, so I think
you should think of this as an unencrypted FIX connection over an SSL
"tunnel".

Hope that helps.  Toli, I don't know if you have anything to add.  Let
us know if you have other questions.

graham


On 8/16/07, [hidden email] <[hidden email]> wrote:

>
> First off want to say I am just starting to poke around with the
> Marketcetera platform, but so far it seems VERY interesting...
>
> I see that in one of the current release there is support for SSL
> connection to a FIX destination.  I am guessing that basically means
> between the OMS and Brokers/Exchange/ECN?  But, trying to figure out
> if that means FIX Encryption, or something else?  Is FIX Encryption
> something  handled by QuickFIX engine already, or is that what you
> mean by SSL?
>
> Is the connection between Photon and OMS SSL encrypted?
>
> Again, just getting my feet wet with it, but very cool!
>
> _______________________________________________
> m-etc-users mailing list
> [hidden email]
> http://lists.marketcetera.org/cgi-bin/mailman/listinfo/m-etc-users
>


--
Marketcetera Trading Platform
download.run.trade.
www.marketcetera.org


--
Marketcetera Trading Platform
download.run.trade.
www.marketcetera.org
_______________________________________________
m-etc-users mailing list
[hidden email]
http://lists.marketcetera.org/cgi-bin/mailman/listinfo/m-etc-users
omsmaster

Re: SSL / FIX Encryption, feature request?

Reply Threaded More More options
Print post
Permalink

Thanks for the reply, but I have a follow up, or rather I am repeating part of my question....

Is the connection between the front-end ( photon ) and the OMS encrypted as well?


gm-mrktc wrote:
Hello, and thanks for the words of encouragement.  You are indeed
correct that we are talking about an SSL connection between the OMS
and the broker/exchange/ECN.  I believe that for brokers that allow
connections over the Internet, this is fairly common, and indeed we
have at least one customer who requires it.

The reason that we included it in the release notes for our latest
version was that Toli (in addition to being a Marketcetera maintainer
is also a committer to QuickFIX/J) had added the ability to do SSL
authentication in both directions.  QuickFIX/J already had the ability
to encrypt the stream, but now we can do authentication (which is
optional in the SSL protocol) as well.

The way this is generally implemented is that the FIX layer of the
application code is generally unaware of the use of SSL, so I think
you should think of this as an unencrypted FIX connection over an SSL
"tunnel".

Hope that helps.  Toli, I don't know if you have anything to add.  Let
us know if you have other questions.

graham


On 8/16/07, omsmaster@nyc.rr.com <omsmaster@nyc.rr.com> wrote:
>
> First off want to say I am just starting to poke around with the
> Marketcetera platform, but so far it seems VERY interesting...
>
> I see that in one of the current release there is support for SSL
> connection to a FIX destination.  I am guessing that basically means
> between the OMS and Brokers/Exchange/ECN?  But, trying to figure out
> if that means FIX Encryption, or something else?  Is FIX Encryption
> something  handled by QuickFIX engine already, or is that what you
> mean by SSL?
>
> Is the connection between Photon and OMS SSL encrypted?
>
> Again, just getting my feet wet with it, but very cool!
>
> _______________________________________________
> m-etc-users mailing list
> m-etc-users@lists.marketcetera.org
> http://lists.marketcetera.org/cgi-bin/mailman/listinfo/m-etc-users
>


--
Marketcetera Trading Platform
download.run.trade.
www.marketcetera.org


--
Marketcetera Trading Platform
download.run.trade.
www.marketcetera.org
_______________________________________________
m-etc-users mailing list
m-etc-users@lists.marketcetera.org
http://lists.marketcetera.org/cgi-bin/mailman/listinfo/m-etc-users
toli

Re: SSL / FIX Encryption, feature request?

Reply Threaded More More options
Print post
Permalink
Sorry for missing the 2nd part of your question.

> Is the connection between the front-end ( photon ) and the OMS encrypted as
> well?

that connection is currently not encrypted. it's just a regular
connection over JMS.
However, ActiveMQ provides pluggable security through various
different providers, such as JAAS so that it's possible to implement a
secure connection between Photon or OrderLoader and the OMS:
http://activemq.apache.org/security.html

--
Toli Kuznets
http://www.marketcetera.com: Open-Source Trading Platform
download.run.trade.
_______________________________________________
m-etc-users mailing list
[hidden email]
http://lists.marketcetera.org/cgi-bin/mailman/listinfo/m-etc-users
Free Embeddable Forum Powered by Nabble Help