| Subject | Re: [Firebird-Architect] Re: Crypto Extentions to Remote Protocol |
|---|---|
| Author | Mark O'Donohue |
| Post date | 2004-10-27T00:38:02Z |
Hi Roman
Roman Rokytskyy wrote:
idea.
It's fairly easy to build both client and server components using openssl.
But I'd stress that SSL should be *optional* since mostly you want a
fast communication rather than needing a secure encrypted connection and
the performance overhead of ssl for all traffic is not worth it.
Cheers
Mark
Roman Rokytskyy wrote:
>For a new protocol optional tunnelling of all traffic over ssl is a good
>>But we don't want to burden a trusted connection with encrypting all
>>the traffic - and just want to encrypt the few bits of sensitive data.
>
>
> Using SSL has one big advantage, at least for me and Carlos - we just
> take an SSL socket implementation and use it. No wire protocol change
> is needed :)
>
idea.
It's fairly easy to build both client and server components using openssl.
But I'd stress that SSL should be *optional* since mostly you want a
fast communication rather than needing a secure encrypted connection and
the performance overhead of ssl for all traffic is not worth it.
Cheers
Mark