The SSL and TLS Protocols in a J2EE Environment





Summary

The history of the World Wide Web is based on pragmatism. For example, no one would argue that sending uncompressed American Standard Code for Information Interchange (ASCII) text data on sessions that are set up and torn down for every single transaction is efficient in any way. However, this is what HTTP does, and it is very successful. The reason for its success is that it is simple enough to allow many different systems to interoperate without problems of differing syntax. The cost of simplicity is in network overhead and a limited transaction model.

Using cryptography in the Java language offers a similar dilemma. It is possible to write a secure application using a toolkit of basic functions. Such an application can be very sophisticated, but it will also be complex. Alternatively, using SSL URL connections (as described in Section 4.10.1 on page 145) offers a way to simplify the application but at the cost of application function. SSL Java packages provide a middle way, retaining simplicity but allowing more flexible application design.


     Python   SQL   Java   php   Perl 
     game development   web development   internet   *nix   graphics   hardware 
     telecommunications   C++ 
     Flash   Active Directory   Windows