Although Celery already includes an authenticating serializer, it is not very
difficult to implement a serializer. The serializer included with Celery uses
X.509 certificates and OpenSSL, which is flexible, but complex.
This serializer uses a lightweight PKI scheme based on ed25519 and the
well-regarded libsodium library. All that needs to be done, is to generate a
secure random 32 byte sequence. The serializer has a single signing key and a
list of trusted verification keys.
Although Celery already includes an authenticating serializer, it is not very difficult to implement a serializer. The serializer included with Celery uses X.509 certificates and OpenSSL, which is flexible, but complex.
This serializer uses a lightweight PKI scheme based on ed25519 and the well-regarded libsodium library. All that needs to be done, is to generate a secure random 32 byte sequence. The serializer has a single signing key and a list of trusted verification keys.
Resolves #68