Firewall Wizards mailing list archives

Why are developers choosing to...

From: "Behm, Jeffrey L." <BehmJL () bvsg com>
Date: Fri, 20 Jan 2006 11:34:05 -0600


Why are developers choosing to write "web-based" code that runs some
sort of encryption, typically SSL, across a non-standard port (say
10443) and then having those URLs blow up when they try to traverse the
prudent company's perimeter security...You know..."deny all that is not
explicitly allowed."

I am seeing more and more "websites" that use a URL such as
http://register.at.my.site:10443. Why not just use the standard secure
port 443 from the get go?  Is there something that makes SSL across
10443 innately more secure, or is this just the "security by obscurity"
smoke-and-mirrors trick?

Opinions?

Jeff
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Why are developers choosing to... Behm, Jeffrey L. (Jan 20)
- Re: Why are developers choosing to... Paul D. Robertson (Jan 20)
  - Re: Why are developers choosing to... Joseph S D Yao (Jan 20)
    - Re: Why are developers choosing to... Paul D. Robertson (Jan 20)
- Re: Why are developers choosing to... Karl Mueller (Jan 20)
- Re: Why are developers choosing to... Adrian Grigorof (Jan 20)
  - Re: Why are developers choosing to... Greg Spath (Jan 20)
- Message not available
  - Re: Why are developers choosing to... hermit921 (Jan 20)
    - Re: Why are developers choosing to... Paul D. Robertson (Jan 20)
- Re: Why are developers choosing to... Darren Reed (Jan 20)
- Re: Why are developers choosing to... mlh (Jan 23)

(Thread continues...)