Nice demonstration. I only miss the "seriously" part, which is covered partially by the term "expensive" ;-)
Right. :)
I wanted only to add IPSEC as another possible scenario. It has less (no) TCP overhead than a SSL tunnel. And it works without even changing your config files.
Now that's an idea. I don't even know how IPSEC works. However, I think it might be a UNIX-only thang (and he's on win32). However, the point you make about VPNs is a good one. I think you can't 'avoid' the TCP overhead, though, since this stuff runs over something which has to have some kind of error-correcting and delivery guarentees like TCP does (even if it's not actually implemented using TCP).
At any rate, you could tunnel your JDBC connections through some other kind of secure connection.
-chris
signature.asc
Description: OpenPGP digital signature
