Re: NSURLConnection and self-signed certs?
Re: NSURLConnection and self-signed certs?
- Subject: Re: NSURLConnection and self-signed certs?
- From: Wade Tregaskis <email@hidden>
- Date: Mon, 14 Jun 2004 11:48:04 +1000
Yes, but that's not useful. Assume you are sending an important piece
of information to a specific recipient. You need to know that a. you
are talking to the right person and b. noone else can intercept the
data in transit. If you abandon certificate verification, you abandon
part a. -- which means that you could be transmitting the very
important data to _anyone whatsoever_.
I think the original poster is just looking for encryption, regardless
of whether it is truly secure. While this sounds stupid on first
glance, it does have some redeeming qualities... it makes eavesdropping
harder for outsiders, and if the other side is in fact trusted, then
you've got no problems.
The original poster's usage may not specify any trust for remote
parties anyway, so even a valid certificate may be meaningless.
Perhaps the original poster could explain the details, rather than me
making assumptions, as I'm sure quite a few people aren't going to be
happy with any [arguably] plausible scenario's I could presently come
up with. :)
Wade Tregaskis (aim: wadetregaskis)
-- Sed quis custodiet ipsos custodes?
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.