July 26, 2011, 2:40 a.m.
posted by superj
The history of the World Wide Web is based on pragmatism. For example, no one would argue that sending uncompressed American Standard Code for Information Interchange (ASCII) text data on sessions that are set up and torn down for every single transaction is efficient in any way. However, this is what HTTP does, and it is very successful. The reason for its success is that it is simple enough to allow many different systems to interoperate without problems of differing syntax. The cost of simplicity is in network overhead and a limited transaction model.
Using cryptography in the Java language offers a similar dilemma. It is possible to write a secure application using a toolkit of basic functions. Such an application can be very sophisticated, but it will also be complex. Alternatively, using SSL URL connections (as described in Section 4.10.1 on page 145) offers a way to simplify the application but at the cost of application function. SSL Java packages provide a middle way, retaining simplicity but allowing more flexible application design.