Since AFAIK, flash is to look at the x.509 pool, below is the only method I could come up with that provides any security, please tell me if I am missing something.

-client sends request over https for the socket key
-the server respond by generating keys, associating the keys to the session (enabling checks to see if it is still active), and then sends it back over https
-once the key is received the client uses the keys to encrypt/decipher too.

What do you think? any suggestions?
_______________________________________________
Flashcoders mailing list
Flashcoders@chattyfig.figleaf.com
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders

Reply via email to