[ale] Perl + SSL
Yu, Jerry
Jerry.Yu at Voicecom.com
Wed May 19 10:56:29 EDT 2004
<please allow me to split the hair>
security benefits privacy as well as confidentiality. If one doesn't want
any man in the middle to learn about his/her personal interests (which
columns, which articles on usatoday.com), one certainly can appreciate the
encryption, provided by SSL as in https.
</please allow me to split the hair>
-----Original Message-----
From: Christopher Fowler [mailto:cfowler at outpostsentinel.com]
Sent: Wednesday, May 19, 2004 10:02 AM
To: cfowler at outpostsentinel.com; Atlanta Linux Enthusiasts
Subject: Re: [ale] Perl + SSL
I'll also add that from a data perspective the stuff passed between the
C and Perl code is worthless to anyone but the devices. There is no
sensitive information there. I want to implement encryption from a
marketing perspective. Many IT individuals think that if it is not
encrypted then it is not good. IMHO that is simply not true. You pick
encryption based on the value of the data that will be transmitted in
the connection. For example to go to https://www.usatoday.com vs
http://www.usatoday.com would not warrant the cycles needed on the
server and the client to simply encrypt the contents of today's paper.
On Wed, 2004-05-19 at 09:55, Christopher Fowler wrote:
> The only problem I've experienced with stunnel is when I need to use
> getpeername() to determine who is contacting me. When stunnel is in the
> middle then it appears as if 127.0.0.1 is the one that I'm talking to.
> Maybe I've misconfigured it?
>
> On Wed, 2004-05-19 at 09:44, Fletch wrote:
> > You can use ssl for just encryption, you don't need to go whole hog
> > and use its authentication features as well. Also consider just
> > passing on implementing the crypto in your software and using stunnel
> > or ssh to pass the traffic. You're most likely better off using a
> > proven protocol than trying to implement your own even if you use off
> > the shelf algorithms (stop and immediately read Schneier's _Secrets
> > and Lies_ NOW if you haven't already :).
> >
> >
> > At any rate, if you still want to do it yourself look at
> > Crypt::SSLeay, Net::SSLeay, and the other Crypt:: modules on CPAN
> > (probably using something like Crypt::Blowfish with Crypt::DH to do
> > key exchange).
> >
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list