Netflix Open Sources Sophisticated Messaging Tool

by Ostatic Staff - Nov. 25, 2014

Open cloud computing platforms are on all kinds of radars these days, including leading open source platforms such as OpenStack, but if you ask many folks which companies have top-notch expertise in the open cloud, you won't often hear Netflix mentioned. The company actually has an admirable history of open sourcing many of its most useful cloud tools and accompanying security tools--and it is a sophisticated user of cloud services.

We've reported on Netflix open sourcing a series of interesting "Monkey" cloud tools as part of its "simian army," and its release of three of its internal tools that help protect the security of its platform. Now, the company has announced the release of Message Security Layer protocol (MSL), billed as ‘A Modern Take on Securing Communication.'

The project is found on github under an Apache 2.0 license, with implementations in Java and JavaScript.  According to the company:

"When we first launched the Netflix streaming service we used a combination of HTTPS and a homegrown security mechanism called NTBA to provide that security. However, over time this combination started exhibiting growing pains. With the advent of HTML5 and the Media Source Extensions and Encrypted Media Extensions we needed something new that would be compatible with that platform. We took this as an opportunity to address many of the shortcomings of the earlier technology. The Message Security Layer (MSL) was born from these dual concerns."

"MSL is a plug-in architecture which allows for the easy integration of different device and user authentication schemes, session key negotiation schemes, and cryptographic algorithms...A typical MSL message consists of a header and one or more application payload chunks. Each chunk is individually protected which allows the sender and recipient to process application data as it is transmitted. A message stream may remain open indefinitely, allowing large time gaps between chunks if desired."

You can find a very complete technical discussion of how MSL works here.

"With MSL we have eliminated many of the problems we faced with HTTPS and platform integration," the company reports. "Its flexible and extensible design means it will be able to adapt as Netflix expands and as the cryptographic landscape changes. We are already using MSL on many different platforms including our HTML5 player, game consoles, and upcoming CE devices."

Netflix previously released Janitor Monkey and Chaos Monkey, which are cloud tools. You can peruse Netflix's overall open source software resource center on GitHub.  The company is steadily releasing proven tools that can be quite useful for administrators. Netflix has also said that it has more tools to be open sourced soon.