Re: Upgrading to TLS Within HTTP/1.1 draft available

John Stracke (francis@ecal.com)
Tue, 29 Jun 1999 17:09:14 +0000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Scott Lawrence: "RE: Upgrading to TLS Within HTTP/1.1 draft available"
Previous message: Jim Gettys: "Re: Upgrading to TLS Within HTTP/1.1 draft available"
Maybe in reply to: Scott Lawrence: "Upgrading to TLS Within HTTP/1.1 draft available"
Next in thread: Ben Laurie: "Re: Upgrading to TLS Within HTTP/1.1 draft available"

Jim Gettys wrote:

> > But aren't there security benefits to having separate ports (e.g., making it
> > possible to run your secure server in a separate process)?
>
> No: the problem is that establishing a connection to a separate port
> allows for man-in-the-middle attacks at connection establishment times;

OK, got it.  Thanks for the explanation.

--
/=============================================================\
|John Stracke    | My opinions are my own | S/MIME & HTML OK  |
|francis@ecal.com|============================================|
|Chief Scientist | NT's lack of reliability is only surpassed |
|eCal Corp.      |  by its lack of scalability. -- John Kirch |
\=============================================================/

Next message: Scott Lawrence: "RE: Upgrading to TLS Within HTTP/1.1 draft available"
Previous message: Jim Gettys: "Re: Upgrading to TLS Within HTTP/1.1 draft available"
Maybe in reply to: Scott Lawrence: "Upgrading to TLS Within HTTP/1.1 draft available"
Next in thread: Ben Laurie: "Re: Upgrading to TLS Within HTTP/1.1 draft available"