[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: 2007 Predictions
Original Message From: "Richard Salz" >> (It's probably been covered before, but...) I find it interesting that > using >> HTTPS allows some security, but it does mean that any perimeter firewall > can >> not inspect the contents of an exchange. > > Because of this, SSL is usually terminated in the DMZ. If necessary, a > new SSL connection will be set up from the DMZ device to the internal > system. ... I was actually referring to the firewall at the client end of the connection. (I didn't reply earlier as I was trying to work out how an HTTPS connection goes through a proxy. It seems the risk is still there. A draft version of RFC2817 was called "Tunneling TCP based protocols through Web proxy servers", and the security considerations section mentions the vulnerability.) Pete. -- ============================================= Pete Cordell Tech-Know-Ware Ltd for XML to C++ data binding visit http://www.tech-know-ware.com/lmx (or http://www.xml2cpp.com) =============================================
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] |
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|