Re: Intranett/internett secure transfers

Marianne Mueller (mrm@Eng)
Mon, 4 Aug 1997 13:53:15 -0700

Date: Mon, 4 Aug 1997 13:53:15 -0700
Message-Id: <199708042053.NAA00383@puffin.eng.sun.com>
From: Marianne Mueller <mrm@Eng>
To: pthingst@online.no
Subject: Re: Intranett/internett secure transfers

You can use SSL with the Java Web Server and with HotJava.
Information on those applications can be found at

http://java.sun.com/products/HotJava
http://jserv.javasoft.com/

SSL provides channel encryption, that is, it encrypts traffic sent
using the https protocol.

HotJava is a web browser that is written in Java, except for the
crypto library used for SSL.

The Java Web Server is an http (and other services) server, written in
Java except for the crypto library used for SSL. The web server is
also available as a server toolkit, if you are interested in it as a
toolkit. For overseas distribution, SSL is not included in source
form in the server toolkit, as that isn't allowed by US regulations.
(SSL is available as bundled into applications, for overseas use.)

To access a database securely over the net, you could establish an
https connection using SSL, and then use applets or servlets with
JDBC. You might want to design additional authentication steps as
part of your applet/database design.

Out of the box, there's nothing about Java as a language or Java as a
computing platform that guarantee anonymity for internet traffic.
Internet traffic is indeed wide open and susceptible to sniffing, even
if the practical likelihood of that happening is statistically low.

Marianne