On Sun, 20 Jun 1999, Ted Keller wrote:
> For outbound connections, the problem may not be serious. For inbound
> connections, you will want to validate as much of the data/protocol as is
> possible.
It's not so simple: Bidirectional IIOP _is_ outbound at the TCP level,
but the server is able to invoke operations on the client.
I prefer callbacks with real incoming TCP-connects at the client side. If
the callbacks are allowed by the security policy my firewalls can handle
them. If not I can block them easily.
Rudi
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
