axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kaushalye Kapuruge <kausha...@wso2.com>
Subject Re: MTOM and encryption
Date Mon, 03 Dec 2007 15:30:47 GMT
Dinesh Premalal wrote:
> Hi Kaushalye,
>
> Samisa Abeysinghe <samisa@wso2.com> writes:
>   
>> Kaushalye Kapuruge wrote:
>>     
>>> Hi List,
>>> We are experiencing some problems encrypting messages with optimized
>>> MTOM attachments. Say a client need to send an image(or binary
>>> content) in a confidential way. 
>>>       
> I do not understand why somebody need to encrypt MTOM
> attachment. AFAIU, There is no real value in MTOM message unless MTOM
> receiving endpoint. There is no point eavesdropping MTOM message I
> guess. 
Confidential data can be in any form. And eavesdroppers would not 
neglect MTOM attachments. For example an image taken by a security 
camera that need to be transfered to the Central Investigation Unit as 
an MTOM attachment. ;) Just to name one. Also anything in the binary 
form. A secret key for example.
So we need to make sure that its not visible in the wire content. That's 
why we need to encrypt.
-Kau
> Please bare with my limited security knowledge.
>
> thanks,
> Dinesh
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-dev-help@ws.apache.org
>
>
>   


-- 
http://blog.kaushalye.org/
http://wso2.org/


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org


Mime
View raw message