axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dumindu Pallewela" <pallew...@gmail.com>
Subject Re: MTOM and encryption
Date Mon, 03 Dec 2007 14:44:56 GMT
On Dec 3, 2007 8:08 PM, Dinesh Premalal <xydinesh@gmail.com> wrote:
> Hi Kaushalye,
>
> Samisa Abeysinghe <samisa@wso2.com> writes:
> > Kaushalye Kapuruge wrote:
> >> Hi List,
> >> We are experiencing some problems encrypting messages with optimized
> >> MTOM attachments. Say a client need to send an image(or binary
> >> content) in a confidential way.
> I do not understand why somebody need to encrypt MTOM
> attachment. AFAIU, There is no real value in MTOM message unless MTOM
> receiving endpoint. There is no point eavesdropping MTOM message I
> guess. Please bare with my limited security knowledge.
>

Mind you, sending a message MTOM optimized doesn't mean that it has to
always be a image. It may be a confidential document. Even if it is a
image who knows if somebody wants it to be seen by only a particular
person?

Besides, what ever the content is, if somebody can intercept the
message in MTOM optimized form, it is not much of a problem for him to
view it. That's why we need encryption even when MTOM is used.

HTH,
Dumindu.


-- 
Dumindu Pallewela
http://blog.dumindu.com
GPG ID: 0x9E131672

WSO2 | "Oxygenating the Web Service Platform" | http://wso2.com

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org


Mime
View raw message