Other Directory Sites: SeekWonder | Directory Owners Forum
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:15:22
Bill Frantz (frantz@netcom.com)
Mon, 26 Oct 1998 23:38:38 -0800
At 8:22 AM -0800 10/26/98, Perry E. Metzger wrote:
>"David R. Conrad" writes:
>> Primarily, what I'm concerned about is the security of the protocol that's
>> used between the applet and the server. (Secondarily, I'm concerned about
>> exporting it and/or having an unexportable java applet embedded in a web
>> page that's accessible outside the U.S. and Canada.)
>
>My suggestion: why re-implement what is already available in the
>program? The java applet is allowed to open an https: URL on the
>server if it wishes. Have it do so, and download your session keys
>that way.
>
>I've built several systems already that use this trick. 'taint pu'rty,
>but it does the job.
>
>Perry
Perry - How is the HTTPS session key selected. SSLv3 has a large number of
options. Getting good randomness in the applet will be an issue with some
of them.
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | Macintosh: Didn't do every-| Periwinkle -- Consulting
(408)356-8506 | thing right, but did know | 16345 Englewood Ave.
frantz@netcom.com | the century would end. | Los Gatos, CA 95032, USA
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:15:22