On Dec 3, 2007 8:08 PM, Dinesh Premalal <[EMAIL PROTECTED]> wrote: > Hi Kaushalye, > > Samisa Abeysinghe <[EMAIL PROTECTED]> writes: > > Kaushalye Kapuruge wrote: > >> Hi List, > >> We are experiencing some problems encrypting messages with optimized > >> MTOM attachments. Say a client need to send an image(or binary > >> content) in a confidential way. > I do not understand why somebody need to encrypt MTOM > attachment. AFAIU, There is no real value in MTOM message unless MTOM > receiving endpoint. There is no point eavesdropping MTOM message I > guess. Please bare with my limited security knowledge. >
Mind you, sending a message MTOM optimized doesn't mean that it has to always be a image. It may be a confidential document. Even if it is a image who knows if somebody wants it to be seen by only a particular person? Besides, what ever the content is, if somebody can intercept the message in MTOM optimized form, it is not much of a problem for him to view it. That's why we need encryption even when MTOM is used. HTH, Dumindu. -- Dumindu Pallewela http://blog.dumindu.com GPG ID: 0x9E131672 WSO2 | "Oxygenating the Web Service Platform" | http://wso2.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
