Re: protocols&security

Marianne Mueller (mrm@Eng)
Fri, 31 Jan 1997 14:57:53 -0800

Date: Fri, 31 Jan 1997 14:57:53 -0800
Message-Id: <199701312257.OAA20681@puffin.eng.sun.com>
From: Marianne Mueller <mrm@Eng>
To: mao@lava.de
Subject: Re: protocols&security

I don't know if you've had to deal with getting the protocol https
through a firewall boundary, but it's many people's experience (and
belief) that new protocols do potentially raise security questions.
Consider https. Many firewalls don't by default let https through,
since once the https tunnels through and is sending encrypted traffic,
the firewall has a hard time policing that connection or being able to
make any statement about what it's letting in. I'm not saying this is
the right way to implement security. I'm just saying that I've seen
this sort of tugging between protocols & firewalls.

People want to know what the new protocol is going to do. The
feedback we get is that people are happy to allow new protocols in, if
they can limit the access that that protocol gives to the applet or
Java code. Hence the dependency on more configurable security
policies. Rather than implement some restriction in the code, as in
URL.java, wouldn't you rather modify a config file to allow
such-and-such a protocol to be used by your JVM? We're trying to get
beyond hard-coding the restrictions in the code.

We do want to support downloadable protocols but we have to face the
security issues. I think downloadable protocol handlers were one of the
great raisons d'être for Java from the start. (That's just me
speaking there.)

Marianne