Critical Security Concern: DDS Plugin Lacks Certificate Encryption Support #297
Description
Describe the feature
Dear Zenoh Development Team,
I am writing to express a significant concern regarding the DDS plugin for Zenoh. After attempting to integrate this plugin into our system, we've encountered a critical limitation that renders it unusable in our secure environment.
Key Issue:
The DDS plugin does not support certificate-based encryption, which is a fundamental security requirement in our infrastructure. All our systems utilize certificate encryption for secure communication.
Impact:
- Unable to establish secure connections between our DDS systems and Zenoh network.
- Creates a potential security vulnerability if implemented without proper encryption.
- Renders the plugin unusable in security-conscious environments like ours.
Request:
We strongly urge you to consider adding support for certificate-based encryption to the DDS plugin. This feature is crucial for:
- Ensuring data confidentiality and integrity
- Maintaining compliance with security standards
- Enabling adoption in enterprise and sensitive environments
We believe addressing this limitation would significantly enhance the plugin's usability and security, making it viable for a broader range of applications and users.
We would appreciate your feedback on this matter and would be keen to know if there are plans to address this security gap in future releases.
Thank you for your attention to this critical issue.
Best regards,
Simon