<div dir="ltr"><div>Hi Amit K, welcome!</div><div><br></div><div>I may be speaking out of turn, but I *think* the erlang-questions mailing list is the more appropriate place. This mailing list is about Erlang Enhancement Proposal and writing one requires a more complete overview and understanding of a change and its impact on the language, runtime and ecosystem. You can learn more about them here: <a href="https://www.erlang.org/erlang-enhancement-proposals/home">https://www.erlang.org/erlang-enhancement-proposals/home</a></div><div><br></div><div>Furthermore, erlang-questions has more users, so it is the best place if you want to get feedback on ideas. Then based on this feedback and if a complex change is necessary, you could submit an EEP.<br></div><div><br></div><div>I hope this clarifies a bit!</div><div><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div><br></div><div><span style="font-size:13px"><div><span style="font-family:arial,sans-serif;font-size:13px;border-collapse:collapse"><b>José Valim</b></span></div><div><span style="font-family:arial,sans-serif;font-size:13px;border-collapse:collapse"><div><span style="font-family:verdana,sans-serif;font-size:x-small"><a href="http://www.plataformatec.com.br/" style="color:rgb(42,93,176)" target="_blank">www.plataformatec.com.br</a></span></div><div><span style="font-family:verdana,sans-serif;font-size:x-small">Founder and Director of R&D</span></div></span></div></span></div></div></div></div></div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Oct 21, 2019 at 8:00 PM Amit K <<a href="mailto:klg.amit@gmail.com">klg.amit@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hi all,<div><br></div><div>(originally posted this to erlang-questions, I realize now that this is the more fitting list for that).</div><div><br></div><div>I am very new to Erlang, am considering to use it in a project and I have some security concerns. </div><div>I can see it's quite easy to configure TLS for the node-to-node communication, but making the name-to-port resolution service (epmd) secure seem a bit too complex to me, such as the one suggested here: <a href="https://www.erlang-solutions.com/blog/erlang-and-elixir-distribution-without-epmd.html" target="_blank">https://www.erlang-solutions.com/blog/erlang-and-elixir-distribution-without-epmd.html</a></div><div><br></div><div>So I was thinking, seeing that there are already options to:</div><div>1. Start a distributed node without epmd (<span style="color:rgb(52,52,52);font-family:monospace,serif;font-size:14px;letter-spacing:0.28px">-start_epmd false</span>) </div><div>2. Limit a node's port numbers to a specific range (via <span style="background-color:rgb(247,247,247);color:rgb(52,52,52);font-family:monospace,serif;font-size:11.9px;letter-spacing:0.28px;white-space:pre-wrap">inet_dist_listen_min &</span><span style="background-color:rgb(247,247,247);color:rgb(52,52,52);font-family:monospace,serif;font-size:11.9px;letter-spacing:0.28px;white-space:pre-wrap"> inet_dist_listen_max</span>).</div><div><br></div><div>Wouldn't it be nice if we could also specify a predefined port to spawn/4, to complete that picture? That is allow spawn to look like:</div><div>spawn("Name@Host:Port", Mod, Func, ArgList). <br></div><div>Then when spawn sees that a port was provided, it can completely skip the "epmd resolution" part and proceed with connecting to the target node via the provided port. </div><div>Note: I realize that the "Name" becomes slightly redundant when the Port is explicit. However this can still be useful - it would be good if the implementation will actually also verify that the port belongs to the provided name at the receiving side, so that a node will not accidentally process a message that wasn't meant for it.</div><div><br></div><div>Again, I'm a complete newbie to Erlang in general, so I may be missing something essential here :) But I would love to know what that is, if that's the case, or hear your thoughts in general otherwise :)</div><div><br></div><div>Thanks!</div></div>
_______________________________________________<br>
eeps mailing list<br>
<a href="mailto:eeps@erlang.org" target="_blank">eeps@erlang.org</a><br>
<a href="http://erlang.org/mailman/listinfo/eeps" rel="noreferrer" target="_blank">http://erlang.org/mailman/listinfo/eeps</a><br>
</blockquote></div>