W3C home > Mailing lists > Public > www-mobile@w3.org > March 2000

RE: E-commerce using WAP (...WTLS...)

From: Zhu John-W51056 <John.Zhu@motorola.com>
Date: Fri, 3 Mar 2000 09:46:18 -0700
Message-ID: <65643B88DAAAD311AE660008C7B13AD024AE74@AZ33EXM02>
To: "'Mukul Gandhi'" <mgandhi@bhartitelesoft.com>, www-mobile@w3.org
Hi Mukul

Where the SSL terminates, at Wap gateway or at the wireless terminal? I
remember a while ago, it's terminated at Wap gateway and an "unwireed
planet" proprietary symmetric encrypted link replaced SSL between wireless
terminal and Wap gateway.

Thanks!

-John

-----Original Message-----
From: Mukul Gandhi [mailto:mgandhi@bhartitelesoft.com]
Sent: Thursday, March 02, 2000 9:06 PM
To: www-mobile@w3.org
Cc: jain@cs.purdue.edu
Subject: Re: E-commerce using WAP (...WTLS...)


Hi Sandeep ,
Verisign issues WAP Server Certificates to enable WTLS security between WAP
servers and client wireless devices such as digital cellular phones and
other mobile client devices. You must install the certificate from Verisign
on the WAP Server to enable it with WTLS. VeriSign supports the following
WAP servers: Motorola, Nokia, and Phone.com . The procedure to apply for
WAP Server Certificate is very much the same as for normal SSL
Certificates. www.verisign.com has details . 

regards
-mukul


At 06:34 AM 3/2/00 -0500, jain@cs.purdue.edu wrote:
>Hi all...
>
>I am developing a secure WAP application for e-commerce.
>I am facing a problem.....I dont know if any of the available
>WAP terminal simulators....have an implementaion of WTLS...they need not
>in a sense as they are only simulators.
>
>My questions are:
>1. Is there any vendor (Motorola,Ericsson,Phone.com,Nokia....etc.)
>   having a secure implementation of WAP (i.e. WTLS) on the WAP
>   enabled cell-phones?
>2. Is anybody currently implementing WTLS?
>3. Are there any e-commerce application being used currently
>   anywhere?
>
>I dont see how one can develop e-commerce applications using WAP
>without making sure that the data on the wireless channel being
>"overheard". We can have hardware encryption...but that is vendor 
>and bearer technology specific.
>
>Thanks
> 
>
>---------------------------------------------------------------------------
-
>Sandeep Jain                    Office: MTH 405
>Graduate Student                Phone : 765-494-5006
>Computer Science Department     URL: http://www.cs.purdue.edu/homes/jain/
>Purdue University
>West Lafayette, IN 47907-1398.                   


--------------------------------------------------------------
Bharti Cellular Limited, New Delhi, India
Received on Friday, 3 March 2000 11:46:47 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:16:02 UTC