Imported from previous forum
The FIX Technical Committee has asked Ryan Pierce to chair the currently inactive
Encryption Working Group. If you wish to be a member of this working group,
please send him an E-mail so I can add you to the group mailing list. You
also should double-check that you are subscribed to the Encryption
discussion page by checking your profile at www.fixprotocol.org
The Technical Committee has asked that the Encryption Working Group focus on
FIX engine to FIX engine authentication and encryption using SSLv3 and/or
TLS. These provide an alternative to PGP-DES-MD5 for session security.
Possible outcomes seen from the group are:
- Deciding whether to standardize upon SSLv3, TLS, or something else, and
standardizing upon implementation details. - Doing a pilot / case study of the method(s) in question
- Drafting the Application Note documenting their use
- Researching SSLv3 and TLS implementations, and possibly working with
vendors to create Application Notes for different libraries - Creating reference implementation(s)
While this is the immediate topic, some interest had been expressed in
individually signed messages, both at the FIX engine to FIX engine and the
end-to-end level. These are significantly more difficult to arrive upon
interoperable standards, and require detailed analysis of technical,
business and legal issues.
It is likely that we will kick off the working group with a meeting in New
York (date and location still to be determined), followed by electronic
discussion and conference calls.
Ryan Pierce (rpierce@taltrade.com)
Townsend Analytics Ltd. / Archipelago LLC