|
Posted by Jackie on April 17, 2007, 3:33 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Hi there,
What's the difference between implementing pure SSL vs. SSL over tcp/
ip? what's the advantage/disadvantage when comparing them?
Can I say that on top of old tcp/ip application, we can add SSL on top
of it for less effort, and for new application we go ahead to use pure
SSL?
Thanks and regards,
|
|
Posted by Ertugrul Soeylemez on April 18, 2007, 3:46 am
If you were Registered and logged in, you could reply and use other advanced thread options
> What's the difference between implementing pure SSL vs. SSL over tcp/
> ip? what's the advantage/disadvantage when comparing them?
>
> Can I say that on top of old tcp/ip application, we can add SSL on top
> of it for less effort, and for new application we go ahead to use pure
> SSL?
There is some misconception here. SSL is operating in another layer
than TCP. You can place anything under SSL, be it TCP/IP, UDP/IP or
even something entirely different than IP.
Regards,
Ertugrul S=C3=B6ylemez.
--=20
=46rom the fact that this CGI program has been written in Haskell, it
follows naturally that this CGI program is perfectly secure.
|
|
Posted by Volker Birk on April 18, 2007, 1:18 pm
If you were Registered and logged in, you could reply and use other advanced thread options > You can place anything under SSL, be it TCP/IP, UDP/IP or
> even something entirely different than IP.
That's not completely true. RFC 4346 says in it's introduction already:
| At the lowest level, layered on top of some reliable
| transport protocol (e.g., TCP[TCP]), is the TLS Record Protocol.
This implies, that you cannot use UDP for TLS, because UDP is not
reliable.
Yours,
VB.
--
"Terror eignet sich mehr als irgendeine andere militärische Strategie dazu,
die Bevölkerung zu manipulieren."
(Dr. Daniele Ganser, 2005)
<http://www.auchdieserschwachsinnmussinsinternet.de/>
|
|
Posted by Ertugrul Soeylemez on April 20, 2007, 2:36 am
If you were Registered and logged in, you could reply and use other advanced thread options
> > You can place anything under SSL, be it TCP/IP, UDP/IP or even
> > something entirely different than IP.
>
> That's not completely true. RFC 4346 says in it's introduction
> already:
>
> | At the lowest level, layered on top of some reliable transport
> | protocol (e.g., TCP[TCP]), is the TLS Record Protocol.
>
> This implies, that you cannot use UDP for TLS, because UDP is not
> reliable.
Firstly we're talking about SSL, not TLS. Secondly, we have a free
layer 5, where we can make unreliable transport protocols reliable.
Regards,
Ertugrul S=C3=B6ylemez.
--=20
=46rom the fact that this CGI program has been written in Haskell, it
follows naturally that this CGI program is perfectly secure.
|
|
Posted by Volker Birk on April 20, 2007, 9:25 pm
If you were Registered and logged in, you could reply and use other advanced thread options > > This implies, that you cannot use UDP for TLS, because UDP is not
> > reliable.
> Firstly we're talking about SSL, not TLS.
That doesn't matter.
> Secondly, we have a free
> layer 5, where we can make unreliable transport protocols reliable.
You're using a very strange method to agree with me.
Yours,
VB.
--
"Terror eignet sich mehr als irgendeine andere militärische Strategie dazu,
die Bevölkerung zu manipulieren."
(Dr. Daniele Ganser, 2005)
<http://www.auchdieserschwachsinnmussinsinternet.de/>
|
|
XML site map