[nycphp-talk] Secure (XML-RPC) connection
Chris Bielanski
Cbielanski at inta.org
Wed Mar 24 10:37:33 EST 2004
SSL is just the poor-man's VPN for these types of things. Honestly, if SSL
had not already proved sufficient in a large number of cases, someone would
have spoken up saying "Use XYZ..."
The only token of opinion I can offer up beyond that is to build an IPSEC
tunnel between a couple of W2K boxes. Seems to me that all that does is use
OS-native functionality to build a VPN instead of a hardware-based secure
tunnel.
~Chris
> -----Original Message-----
> From: Mitch Pirtle [mailto:mitchy at spacemonkeylabs.com]
> Sent: Wednesday, March 24, 2004 10:12 AM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] Secure (XML-RPC) connection
>
>
> Matthew Terenzio wrote:
>
> > I curious to see what others say, because I've never done this,
> > exactly. It sounds like a typical web service, but I'm not
> sure why it
> > is needed to be done this way. With proper precaution,
> can't the web
> > server just interact directly with the database through an SSL?
>
> That's the first thing I do with a fresh PostgreSQL installation, at
> least if the webservers are on separate hardware :)
>
> Another alarming phenomenon I have observed is the
> everything-or-nothing
> approach, where the whole shebang is either completely in the
> open, or
> they encrypt everything - even stuff that is then public on
> the website...
>
> For XML-RPC I've only seen the SSL approach, is there a
> better practice
> for stuff like this?
>
> -- Mitch
> _______________________________________________
> talk mailing list
> talk at lists.nyphp.org
> http://lists.nyphp.org/mailman/listinfo/talk
>
More information about the talk
mailing list