On Mon, Mar 12, 2012 at 1:11 AM, David Barrera <dbarr...@ccsl.carleton.ca> wrote:
> SSL works well for authentication and as Jonas points out, it is well > understood by developers and the community. If B2G apps will *only* be ah... actually.... :) it was only until the BBC started using SSL as a means to terminate the possibility of viewing iplayer videos that i understood that it was even _possible_ to use SSL for that purpose. up until that point i always understood SSL to be nothing more than a means to guarantee end-to-end privacy. if someone with 30 years experience of working with computers can be ignorant (me!) of all the uses to which SSL can be put, it's probably best *not* to assume that it's well-understood by "developers and the community", eh? :) if there was a wiki page which was being utilised to collate all this information i would, of course be inviting people to add that information such that its impact can be properly assessed. even i forgot that SSL can be used for private-key/public-key authentication, so i made an error earlier today in the replies to jonas that i will have to reassess. gaah. complicated. l. _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
