Since, AFAIK, Flash is to look at the X.509 pool, below is the only method I could come up with that provides any security. Please tell me if I am missing something.

- The client sends a request over HTTPS for the socket key.
- The server responds by generating keys, associating the keys with the session (enabling checks to see if it is still active), and then sends them back over HTTPS.
- Once the key is received, the client uses the keys to encrypt/decipher too.

What do you think? Any suggestions?
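
The server side of the scheme described above, as an added example that is not part of the original post: a key is issued per HTTPS session, dies with that session, and each socket message is checked against it. The names `SocketKeyStore`, `make_tag`, `KEY_TTL` and the per-message sequence number are assumptions, and the block only authenticates messages with HMAC; encrypting the payload would additionally need an AEAD such as AES-GCM from a vetted library.

```python
import hashlib
import hmac
import secrets
import time

KEY_TTL = 300  # seconds a socket key stays valid (assumed value)


def make_tag(key, session_id, seq, payload):
    """HMAC-SHA256 over session id, sequence number and payload."""
    sid = session_id.encode()
    header = len(sid).to_bytes(2, "big") + sid + seq.to_bytes(8, "big")
    return hmac.new(key, header + payload, hashlib.sha256).digest()


class SocketKeyStore:
    """Issues one random key per HTTPS session and checks socket messages."""

    def __init__(self):
        self._keys = {}      # session_id -> (key, expires_at)
        self._last_seq = {}  # session_id -> highest sequence number accepted

    def issue(self, session_id, now=None):
        """Called from the HTTPS handler once the session is authenticated."""
        now = time.time() if now is None else now
        key = secrets.token_bytes(32)
        self._keys[session_id] = (key, now + KEY_TTL)
        self._last_seq[session_id] = -1
        return key

    def revoke(self, session_id):
        """Called on logout or session expiry so the key dies with the session."""
        self._keys.pop(session_id, None)
        self._last_seq.pop(session_id, None)

    def verify(self, session_id, seq, payload, tag, now=None):
        """Accept only: live session, unexpired key, fresh seq, valid tag."""
        now = time.time() if now is None else now
        entry = self._keys.get(session_id)
        if entry is None or now > entry[1]:
            return False  # unknown, revoked or expired session key
        if seq <= self._last_seq[session_id]:
            return False  # replayed or reordered message
        expected = make_tag(entry[0], session_id, seq, payload)
        if not hmac.compare_digest(tag, expected):
            return False  # wrong key or modified payload
        self._last_seq[session_id] = seq
        return True
```

The client computes `make_tag` with the key it received over HTTPS and sends the session id, sequence number, payload and tag over the socket.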
