Hi!
Neil Thorne wrote:
> How about that code being signed by a Certified Authority? How much more
> SECURE and AUTHENTIC do you want? And besides you allow someone elses code
> to run on your enterprise server all the time!! Wouldn't you trust BEA's CA
> certificate? Or Inprise's? If it allowed you to run a protocol x times
> faster than IIOP!!
I agree with you on this one.
> Anyways, so if downloadable stub security is not an issue (and in my opinion
> it's solved good enough already. No scaremongering!) then I think two well
> thought out options have been discussed, and someone has already raised this
> point. What is wrong with having IIOP as the mother of all protocols that
> everyone must support, if they don't like downloadable stubs. Then all EJB's
> talk to each other. Great. But you allow an EJB server to ask another server
> if it trusts it's downloadable stub after the initial IIOP handshake. If it
> does, then hey great. You can download my stub, and use my optimised
> protocol, and you'll run faster with me. If not, oh well. I'll send you IIOP
> instead.
>
> Any thoughts?
Yes, that is possible. It all comes down to how a bean Foo in server A
looks up bean Bar in server B. Let's say B serves bean Foo with two
different protocols X and IIOP. If Foo uses "iiop:"-style JNDI-lookups
it would get a IIOP-stub, and can use its own trusted implementation of
IIOP-talk if necessary. If Foo uses "x:"-style JNDI-lookups it would get
a stub from B using X as protocol, which might be more efficient than
using IIOP, or it might be able to handle firewalls cleanly, or some
other nice feature.
I think this would work, but I can't say for sure. Anyone that sees any
flaws with this?
/Rickard
--
Rickard �berg
@home: +46 13 177937
Email: [EMAIL PROTECTED]
http://www.dreambean.com
Question reality
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
