Re: NSURLConnection and self-signed certs?
Re: NSURLConnection and self-signed certs?
- Subject: Re: NSURLConnection and self-signed certs?
- From: Miro Jurišić <email@hidden>
- Date: Mon, 14 Jun 2004 00:20:48 -0400
On Jun 13, 2004, at 10:51 PM, joe pezzillo wrote:
There are two scenarios I can think of, both of which would be useful
to me and probably others.
One, in a "browser" like application (not based on WebKit) where
what's needed is to allow the end-user to visit any site they wish
(and/or can) and retrieve the HTML for their use (either as a rendered
HTML page or for other purposes), in this case, the application
software doesn't care if the site is trusted or not, just that they
have enabled the user to access it if possible.
Second, in an application that wishes to retrieve data from a
cheapskate host (or developer, ahem) where the host address is known,
is known to not have a valid cert due to the aforementioned frugality,
and still wants to prevent casual eavesdropping of the data in transit
between the host and the application. The previously suggested example
of a game developer who may have games in the field that access his or
her own server (or different servers) to retrieve "semi-sensitive"
data (eg, the format of data that tells the remote server what the
local user's high-score is, to prevent a crafty player from sniffing
the communications and then writing a POST Perl script that makes them
the point leader, let's say).
On Jaguar, I would buy this argument. On Panther, the procedure for
adding custom certs and CAs is both simple and well-documented, and is
the right way to do this AFAIK.
meeroh
--
<
http://web.meeroh.org/> | KB1FMP
"And when I have understanding of computers, I shall be
the supreme being!" -- Evil, "Time Bandits"
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.