Re: The best small/medium database...?

From: Eugene Mayevski (mayevski_at_eldos.org)
Date: 11/04/03 

Date: Tue, 04 Nov 2003 08:28:27 +0200

Thorsten Engler [NexusDB] wrote:

> a) derive a new transport wrapper from TnxBaseSecuredTransport as intended
> by the design
> In this case you would derive your own class from TnxBaseSecuredTransport,
> for each call to Request you can make as many calls to the request function
> of the inner (wrapped) transport as you want. This is functionally equal to
> using a normal blocking socket.
> This would be the preferred way to implement SSL. It would actually be a NX
> over SSL over NX over whatever-inner-transport-you-use implementation. The
> main benefit is that it enables you to use SSL over any current and future
> physical transport.

The question that I already asked the developers, but didn't get an answer:
is it possible for the server side of the transport connection to send
own message to the client?

I didn't find such way in code. This is necessary because SSL requires
streaming, which, in order to implement it over your message-based
system, requires that both sides can send independent messages to each
other (i.e. there's no "dedicated" server or client side).

> b) placing hooks into TnxWinsockTransport to enable you to encode, decode
> data directly around the socket calls.

This requires modifications of Winsock transport. I already requested
this (and offered to do modifications) but didn't get positive answer.

Obviously an option to write own transport is not usable for us. 

-- 
Eugene Mayevski
EldoS Corp., CTO
Networking and security solutions, custom development services
http://www.eldos.com

Relevant Pages

  • Re: Sicherheit bei Cookieless Sessions
    ... Der Client wechselt völlig legal nach jedem Request ... Ist ebi einem unsere Kunden passiert. ... Und es wird eben auch bei jedem Request, ... wenn es sich um eine SSL ungeschützte seite ...
    (microsoft.public.de.german.entwickler.dotnet.asp)
  • Re: Disable requesting client certificate when running in SSL
    ... > I actually do have a client cert, so I should be able to find a way to ... >> far enough for me to be able to see the client certificate request ... >> Where IIS makes use of SSL I thought the options for request client ...
    (microsoft.public.windows.server.active_directory)
  • Re: UsernameOverTransportSecurity+SSL Confusion, please help
    ... If you are using transport security, the following section is not necessary ... The code for the client application looks fine. ... I just want to use SSL. ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • Re: Help in getting the IIS SSL integration along with application server Tomcat
    ... How is this different to a non-SSL request ... Then once the SSL handshake and authentication is done then Tomcat ... application will be invoked by IIS to do the business logic on the ... request that has been processed from the client to IIS. ...
    (microsoft.public.inetserver.iis.security)
  • Failure posting files to iis6.0 using ssl client authentication
    ... server authentication or no ssl at all work fine. ... The bug does not occur with IIS 5.0. ... If client certificates are enabled on individual directories or files ... The IIS worker process receives enough data to parse request headers, ...
    (microsoft.public.inetserver.iis.security)