On 10/04/2010 01:54 PM, Michal Kleczek wrote:
This is why TLS is so important. With TLS you have authentication and
encryption in one solution. You can configure the level of encryption
and the mechnisms for authentication differently for each application.
It provides you with an end-to-end solution, so you can use any insecure
path you like.
So you meant TLS between the client and the service in your previous post?
But how can the client communicate with the service before unmarshalling the
service proxy?
Before i can start unmarshalling, i need to load the class from the
classloader. This classloader connects to the code providing server. The
classloader and server handshake, and exchange certificates. If anything
is fishy, the connection is severed, and whe only have lost the few
bytes from the handshake.
Gr. Sim
