axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dumindu Pallewela" <>
Subject Re: MTOM and encryption
Date Mon, 03 Dec 2007 14:44:56 GMT
On Dec 3, 2007 8:08 PM, Dinesh Premalal <> wrote:
> Hi Kaushalye,
> Samisa Abeysinghe <> writes:
> > Kaushalye Kapuruge wrote:
> >> Hi List,
> >> We are experiencing some problems encrypting messages with optimized
> >> MTOM attachments. Say a client need to send an image(or binary
> >> content) in a confidential way.
> I do not understand why somebody need to encrypt MTOM
> attachment. AFAIU, There is no real value in MTOM message unless MTOM
> receiving endpoint. There is no point eavesdropping MTOM message I
> guess. Please bare with my limited security knowledge.

Mind you, sending a message MTOM optimized doesn't mean that it has to
always be a image. It may be a confidential document. Even if it is a
image who knows if somebody wants it to be seen by only a particular

Besides, what ever the content is, if somebody can intercept the
message in MTOM optimized form, it is not much of a problem for him to
view it. That's why we need encryption even when MTOM is used.


Dumindu Pallewela
GPG ID: 0x9E131672

WSO2 | "Oxygenating the Web Service Platform" |

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message