[Previous] [Index]
[Thread]
Re: Applet security (was Re: ActiveX security hole reported).
On Aug 30, 9:38, Alireza Bahreman wrote:
> Subject: Re: Applet security (was Re: ActiveX security hole reported).
>1) The class file is extended to include the object signature block. No other
> enveloping mechanis is used. See http://eco.eit.com/solidoak/
Understood - I lean toward a MIME based mechanism though....
>2) Actually, it is based on RFC-1847 and nothing prevents S/MIME being used to
> provide the MIME security. If you are interested, please view:
> http://eco.eit.com/mapplet/
:-) I would prefer a complete 1847 or MOSS over S/MIME which doens't do
multipart/encrypted.
>3) You are right. Using SSL requires trust in the server AND that no one has
> managed to spoof the server using man in the middle kind of an attack.
:-) Read my msgref again, ment to say "in"complete. You seem to'v got the drift
though.
Cheers!
[ psr ]
References: