.. .. Vortex Link .. .. This software and documentation are Copyright 2010 to 2018 ADLINK .. Technology Limited, its affiliated companies and licensors. All rights .. reserved. .. .. Licensed under the ADLINK Software License Agreement Rev 2.7 2nd October .. 2014 (the "License"); you may not use this file except in compliance with .. the License. .. You may obtain a copy of the License at: .. docs/LICENSE.html .. .. See the License for the specific language governing permissions and .. limitations under the License. .. ############ DDS-Security ############ Vortex Link is able to route secured traffic between applications using standard DDS Security. Vortex Link will not try to authenticate applications nor decode encrypted messages. It will simply route authentication messages, crypto tokens and encrypted messages between secured applications so that they can authenticate each other and exchange encrypted messages end-to-end. So Vortex Link does not need to be configured with any certificate or security plugin and does not need to be trusted (it will not decode encrypted messages). Limitations =========== + Vortex Link can only route data between participants configured with *allow_unauthenticated_participants* set to *false*. + Vortex Link can only route data between participants configured with *rtps_protection_kind* set to *NONE*. + If the participants are configured with *discovery_protection_kind* set to *ENCRYPT*, *SIGN*, *ENCRYPT_WITH_ORIGIN_AUTHENTICATION* or *SIGN_WITH_ORIGIN_AUTHENTICATION*, then Vortex Link can only route data on topics configured with *enable_discovery_protection* set to *false*. + Vortex Link can route data on topics configured with any *data_protection_kind*. + Vortex Link can route data on topics configured with any *metadata_protection_kind*. But, if *metadata_protection_kind* is set to *ENCRYPT* or *ENCRYPT_WITH_ORIGIN_AUTHENTICATION*, Vortex Link will forward encrypted messages to all participants that have matching entities with the participant that is source of the message (even if the matching entities are on a different topic than the topic of the encrypted meessage). This will lead to poor scalability and extra resources consumption.