> That's ok, your English is much better than my {German, Italian, French}
> :)
French in my case (and 8 eight years trying to learn German). I see you know
our language melting pot! You just forgot the last one : Rumantsch. But as
only 40'000 (and my girlfriend) people speak it, you are excused ;)
> > I very well understand your point. But what if you wanted to
> developp a new
..
> users, not to traditional proxy-based firewalls.
OK. So, to see if I well understand, when developping new applications, we'd
better use existing protocols (like HTTP) than develop new one. This is
"easier" to administrate but doesn't assure it is more secure. For example,
if my CORBA application is not widely accepted because it needs ports xxx,
making it use HTTP as its communication protocol won't be a problem anymore
for users (they by-pass their firewall-admin authority!) but will be a new
one for their admin : whichever protocol you use, the problem is in the
application (trojan horse).
So the solution is :
- don't develop an application anymore?
- use a already known (and de facto trusted) protocol and, consequently,
bypass your FW-admin authority?
- develop a new application, a new protocol and a new proxy?
- ...
This new topic is very interesting but very intriguing too.
Cheers,
Sacha
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
