The https tag has no wiki summary.
3
votes
3answers
77 views
Is a predefined key enough security when performing HTTP requests between two secure servers?
I have an AdWords script that regularly transfers sensitive data to my server using a POST HTTP request. For security I have a predefined 32 character randomized string that is verified by my server ...
2
votes
2answers
140 views
Committing https certificates to Github…is there ever a good reason for this?
If a server certificate is published to Github, a la:
-----BEGIN CERTIFICATE-----
is that necessarily a bad thing? Is there ever a legitimate reason to do this?
I ask because of a recent wave of ...
7
votes
6answers
504 views
Will Authentication over HTTPS Slow My Application?
I am building a web application and RESTful web service.
I have been reading various articles about the best way to authenticate the requests to the web service.
The best option for me seems to be ...
5
votes
2answers
504 views
Is HTTPS enough to avoid replay attacks?
I am exposing a few REST methods on a server for an mobile app.
I would like to avoid that users can sniff how HTTP methods are built (from the mobile app) and then send them again to the server. ...
0
votes
1answer
71 views
ssl requirement -is this just initial handshaking so that subsequent socket communication can commence as normal
I am new to SSL/HTTPS so uncertain on the basics.
PROBLEM:
A Java applet must communicate with a socket server listening on a port on the web server. Also communication must be secure.
Without SSL, ...
1
vote
1answer
83 views
Random number for HTTPS MAC
Recently I found that Netscape used quite simple algorithm to generate random number for Message Authentication Code to establish an HTTPS connection (Nestscpe used time, process identification ...
