Re: ssl vs. servlets

[Ed Robbins]

SSL has nothing to do with user authentication.  SSL simply implies a 
secure connection between the two end points of the transaction.  As far 
as user auth is concerned you would still have to authenticate the user 
when using an SSL connection.

Ed

zvi gutterman wrote:

Hello,

1. Can someone point out some benchmark comparing Apache (and other
webservers) 
performance while using SSL vs. Servlet. Number of connections, CPU load,
etc?
2. Besides encrypting important data (such as credit cards), which I want to
make sure
   no one is reading along the way to the server, is there a reason not to
use Servlet
   for user authentication? session tracking? Are  Servlets secure enough?
   It seems to me that sites like Amazon are doing exactly this - using ssl
for
   credit card transactions and some other session tracking mechanism for
the rest.
   Am I right?

thanks,

Zvika.

 



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]