Web Profile and security
Ray Plante
rplante at poplar.ncsa.uiuc.edu
Thu Dec 16 14:11:33 PST 2010
(this is a resend)
Hi Tom,
Tom said:
> So if I've understood this properly I'm confused as to whether https
> is designed to address the case where we have a trusted server (the
> SAMP Web hub), but an untrusted client (the web application). All of
> my experience with https has been in the opposite situation where the
> client (the web browser) is trusted, but the server (the remote web
> page) is not.
Hopefully my previous message clarified this, but to be direct, HTTPS can be
used to authenticate both the client, the server, or both. As you say, server
authentication is most common. In our case, the client is the provider of the
web app and the server is the Web-SAMP hub.
cheers,
Ray
More information about the apps-samp
mailing list