No ... merely separating one type of traffic from another - not down to the client level.
-----Original Message----- From: Matt Liotta [mailto:[EMAIL PROTECTED]] Sent: Monday, June 17, 2002 4:52 PM To: CF-Talk Subject: RE: Need help with CFMX/ASP.NET comparison... So I am a business with 100,000+ clients each that are going to make use of my Web service. Are you suggesting assigning each one of them their own port, so that my firewall can properly tell them apart? -Matt > -----Original Message----- > From: Mark A. Kruger - CFG [mailto:[EMAIL PROTECTED]] > Sent: Monday, June 17, 2002 2:51 PM > To: CF-Talk > Subject: RE: Need help with CFMX/ASP.NET comparison... > > Matt, > > Ok, what would prevent you from running SSL over a port other than 443 to > separate it from the "standard web traffic". Then you could impliment > firewall rules for that configuration - right? > > -mk > > -----Original Message----- > From: Matt Liotta [mailto:[EMAIL PROTECTED]] > Sent: Monday, June 17, 2002 4:35 PM > To: CF-Talk > Subject: RE: Need help with CFMX/ASP.NET comparison... > > > > Actually, xml web services are supposed to allow you to close the RPC > > ports > > from the outside world. You're right about the web service making use > of > > RPCs, but they do so within your network, not throught the firewall. > RPCs > > aren't secure either if you really want to get into it. > > > Which is the problem. Previously when you wanted to do RPC with another > business you could simply assign firewall rules for the RPC. Now you > can't because you are mixing RPC with normal web traffic. > > > You would never invoke an xml web service over http if you wanted it > > secure. > > That's what https is for. Now if you tell me https is insecure, > you're > > telling me to never buy anything online, or bank online or any of the > > other > > services I do over https. > > > Why would you make such a leap in logic? In one context using HTTPS > might be insecure while in another context it might be secure. In the > case of buying something online, there is very little incentive to try a > middle man attack. This is because you only have a single stable player, > the company. All the individuals are spread all over the internet. > Besides, stealing a single credit card is pretty worthless. On the other > hand, when two businesses are doing RPC over HTTPS, each transaction is > coming and going to the same place. It is quite easy to setup a middle > man attack and just watch all the transactions going by and even insert > your own for good fun. So you see, in some cases HTTPS is secure while > in others it isn't. > > > And yes, there is a gap between COM and CORBA. CORBA is similar to > COM in > > the non Microsoft world. COM and CORBA don't talk to each other. > Period. > > XML web services allow for both *nix and Micro$oft worlds to talk to > each > > other and read/set properties and use methods of remote objects. That > is > > the biggest thing stated at the Micrsoft .net seminar I attended. > > > Glad to hear you're getting your information from a reliable source. > CORBA is not *nix only thing. CORBA is an open standard that works on > every platform including Windows. COM on the other hand is not an open > standard and works only in Windows. CORBA talks to everyone by design... > COM talks to no one by design. > > -Matt > > > ______________________________________________________________________ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
