mailing list archives
Re: WAP Security
From: Alexander Klimov <alserkli () inbox ru>
Date: Wed, 19 Oct 2005 23:42:59 +0200 (IST)
On Mon, 17 Oct 2005 arieldorfman wrote:
i'm looking to put some webservers to be reached by mobile Phones.
which are the best practices regards Security? could i use SSL or a
If, indeed, your web-server can be *directly* reached from your
customer's device then you can use SSL as usual. OTOH if your
customers use WAP then what really happens is that the gateway gets
data from your server using SSL/TLS, decrypts it, converts it, and
reencrypts it (WTLS).
BTW, this gives about 46,100 results:
On Tue, 18 Oct 2005, statefull wrote:
it's not recommendable that you use SSL by the little capacity of
memory and processing of the mobile phones, i think you need to find
information about ECC (elliptical curves cryptography), here you
have some links to ECC solutions: www.certicom.com but you will need
to see your necessities.
BTW, openssl 0.9.8 supports ECC