Home > Archive > SQL Anywhere Mobile > August 2005 > Re: Difference betwenn HTTP/HTTPS syncronization using certicom &









You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

 

Author Re: Difference betwenn HTTP/HTTPS syncronization using certicom &
Alex van Denzel

2005-08-10, 7:25 am

John Yovas wrote:
> My question was difference between using HTTP and HTTPS with certicom with
> Ultralite clients. To achive TLS with both HTTP and HTTPS we need certicom
> so what is the real difference ?

TLS is similar to SSL, it encrypts the TCP/IP connection between end-nodes.
+----------------------+
| TCP/IP connection |
| +------------------+ |
| | TLS encryption | |
| | +--------------+ | |
| | | Payload | | |
| | | ... | | |
| | +--------------+ | |
| +------------------+ |
+----------------------+


HTTP is a protocol over TCP/IP where different types of data can be
transferred between end-nodes over roughly the same channel.
+----------------------+
| TCP/IP connection |
| +------------------+ |
| | HTTP protocol | |
| | +--------------+ | |
| | | Payload | | |
| | | ... | | |
| | +--------------+ | |
| +------------------+ |
+----------------------+

HTTPS is HTTP over TLS (or SSL). In this case an TLS or SSL connection
in built between the end-nodes, and data is transfered over this
connection, using the HTTP protocol.

+-----------------------+
| TCP/IP connection |
| +-------------------+ |
| | TLS encryption | |
| | +---------------+ | |
| | | HTTP protocol | | |
| | | +-----------+ | | |
| | | | Payload | | | |
| | | | ... | | | |
| | | +-----------+ | | |
| | +---------------+ | |
| +-------------------+ |
+-----------------------+

TLS over HTTP means, encrypt the data with TLS, and then send the
encrypted data with HTTP to the other node.
+------------------------+
| TCP/IP connection |
| +--------------------+ |
| | HTTP protocol | |
| | +----------------+ | |
| | | TLS encryption | | |
| | | +------------+ | | |
| | | | Payload | | | |
| | | | ... | | | |
| | | +------------+ | | |
| | +----------------+ | |
| +--------------------+ |
+------------------------+

The issue with Certicom is, that the libraries used by the UltraLite and
dbmlsync clients for TLS encryption are provided by Certicom, and you
need a license for it.

To use plain HTTP, you don't need Certicom.

(anyone, please correct me if I'm wrong, or left something out)

--
Alex
Sponsored Links





Also available: Server administration forum archive | Web Design forum archive | Software forum archive | Hardware reviews archive | Programming forum archive

Copyright 2008 droptable.com