- From: Mark Needleman - DRA <mneedlem@dra.com>
- Date: Mon, 14 Aug 2000 10:04:45 -0500 (CDT)
- To: Robert Waldstein <wald@library.ho.lucent.com>
- cc: www-zig@w3.org
Bob one thing we talked about at the ZIG mtg was possibly registering a second well known port for secure sessions - that might help reduce the problem of the redirect since it could be advertised that if you want secure z3950 sessions the default is to go to port xxxx mark On Mon, 14 Aug 2000, Robert Waldstein wrote: > > > > > Why cant you just listen on both the secure and insecure ports? - also > > even though some of your records dont need to be encrypted - is there any > > harm (except for the overhead) of just encrypting all of the data? > > sure - as I said I agree putting something on an secure socket is easy. > And yes, could only use the secure socket. Actually guess could argue the > same for all internet applications (guess some people do -)). > And since I have at least one searcher that says the search itself > should be secure - this would also be resolved by doing everything over > secure sockets. > > Actually, thinking about it your point is correct - this means the security > is all between me and the authenticated remote user; encryption of the > data becomes an aside - as it should be to an application such as z39.50. > > Okay - so now I just wait till the world buys into this... Guess we > still need some sort of redirect since people will still come to port 210 > and ask for things requiring secure channels. > bob > > -- > Robert K. Waldstein Email: wald@lucent.com > Bell Laboratories, Room 3D-591 Phone: (908) 582-6171 > 600 Mountain Avenue > Murray Hill, New Jersey 07974 > >
Received on Monday, 14 August 2000 11:04:51 UTC