>> Dave says... >> Seems good old SSL is after all susceptable to some sort of Man In The >> Middle atack.
<tireless-OT-ihatetheweb-ranting> Thanks for the link Dave. While this issue is in the process of being addressed by the various providers, it is still one of the MANY reasons why I abandoned the web stack a long time ago. For truly secure hosted apps, I developed my own app hosting architecture years ago. My apps are true, native SaaS, and don't use any Web stack technologies, including NO SSL, HTTPX, FTPX, etc. Instead, I use my own app servers, channel security, protocols, client technology, embedded scripting, etc. I am such the radical... ;) And, all done using ICS, of course... :) Anyway, my point is that I am always mystified (stunned) as to why so much of the development world thinks that distributed applications and the Web are synonymous, or that the distributed paradigm started with HTTP, or that SSL is such a great security solution. Distributed apps began much earlier than Web technologies. I was developing them before the Web. In fact, the Web craze set the distributed paradigm back about 20 years. The Web is simply a huge kludge. Oh well, so we have another, "oh no, SSL is broke" issue. Of course we do. Just wait. This one will be addressed and then the next weakness will emerge. ALL Web stack technologies are broke regarding security and have been since they were innovated. That isn't going to change until we do SOMETHING else. </tireless-OT-ihatetheweb-ranting> Regards... Hoby -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
