Web Profile and security

Ray Plante rplante at poplar.ncsa.uiuc.edu
Thu Dec 16 14:11:33 PST 2010


(this is a resend)

Hi Tom,

Tom said:
> So if I've understood this properly I'm confused as to whether https
> is designed to address the case where we have a trusted server (the
> SAMP Web hub), but an untrusted client (the web application).  All of
> my experience with https has been in the opposite situation where the
> client (the web browser) is trusted, but the server (the remote web
> page) is not.

Hopefully my previous message clarified this, but to be direct, HTTPS can be 
used to authenticate both the client, the server, or both.  As you say, server 
authentication is most common.  In our case, the client is the provider of the 
web app and the server is the Web-SAMP hub.

cheers,
Ray



More information about the apps-samp mailing list