|
>From: Nathan M. Andelin [mailto:nandelin@relational-data.com] >This approach is a lot less complex then VPN, but equally secure. VPNs can be very simple to install so I question the "lot less complex" part. But more importantly, unless I'm forgetting something, SSL promises two things: 1) The server I'm talking to is the server I think it is. 2) The communication between the server and client is encrypted. Given that IIS in this case would be the client and the AS/400 the server I don't see how this helps. The AS/400 would need a certificate from a trusted party (for argument sake, verisign) or it could self sign. In either case that would enable IIS to know that the AS/400 it's speaking to is indeed the AS/400 it should be speaking to. However, in this case doesn't Dave need the AS/400 to know that this IIS box is indeed the IIS box it thinks it is. In other words you need to use certificates to validate CLIENT identity, not server identity. Now, certificates are capable of doing that, but that is not "normal" SSL and now you are into things that are much more complex than VPNs. -Walden ------------ Walden H Leverich III President Tech Software (516)627-3800 x11 WaldenL@TechSoftInc.com http://www.TechSoftInc.com
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.