Mailing-List: contact river-dev-help@incubator.apache.org; run by ezmlm
Precedence: bulk
Reply-To: river-dev@incubator.apache.org
Received-SPF: pass (nike.apache.org: local policy)
From: Michal Kleczek <mkleczek@contour-technology.com>
Organization: Contour Technology
To: river-dev@incubator.apache.org
Subject: Re: Towards Internet Jini Services (trust)
Date: Mon, 4 Oct 2010 13:54:59 +0200
User-Agent: KMail/1.13.2 (Linux/2.6.31-22-generic; KDE/4.4.2; x86_64; ; )
References: <4C9DB5BF.8090307@zeus.net.au>
 <201010041342.46272.michal.kleczek@xpro.biz> <4CA9BFB0.6030202@qcg.nl>
In-Reply-To: <4CA9BFB0.6030202@qcg.nl>
MIME-Version: 1.0
Content-Type: Text/Plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <201010041354.59557.mkleczek@contour-technology.com>

On Monday 04 of October 2010 13:51:12 Sim IJskes - QCG wrote:
> On 10/04/2010 01:42 PM, Michal Kleczek wrote:
> > I don't think it is impossible since I do it all the time -
> > switches/bridges/routers are third parties that I do not trust but I use
> > them to securely communicate with my bank :) Why code servers or
> > ServiceRegistrars should be any different?
> 
> This is why TLS is so important. With TLS you have authentication and
> encryption in one solution. You can configure the level of encryption
> and the mechnisms for authentication differently for each application.
> 
> It provides you with an end-to-end solution, so you can use any insecure
> path you like.

So you meant TLS between the client and the service in your previous post?
But how can the client communicate with the service before unmarshalling the 
service proxy?

Michal