Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Using SSL accelerators in firewalls

From: miha () nil si
Date: Wed, 17 Jul 2002 16:10:29 +0200
Let me ask this question another way :-)

If the bank has a SSL accelerator to <quote> screen traffic and then pass your data through some number of other 
things, unencrypted <end quote>, how is that different from decrypting it on the web server 
and then doing the same thing (assuming you have a two tier design). Bad 
design is not device dependant, it can be achieved using a large variety 
of tools.

---
  Miha Vitorovic
  Inženir v tehničnem področju
  Customer Support Engineer

   NIL Data Communications,  Einspielerjeva 6,  1000 Ljubljana,  Slovenia
   Phone +386 1 4746 500      Fax +386 1 4746 501     http://www.NIL.si


In some email I received from Darren Reed, sie wrote:


There would seem to be a growing trend in using SSL accelerators not
next to the web server but attached to a firewall so that it isn't
https traffic that passes through but http.


Let me ask this question another way.

If your bank was using one of these SSL accelerators and it was not
directly attached to the web server, but the "far side" of something
else so they could screen traffic and then pass your data through
some number of other things, unencrypted, would you use that bank's
Internet Banking service which used SSL encryption ?



_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: