[omniORB] IIOP Security (SSL)

Alfonso Urdaneta aurdaneta@integratedvisions.com
Mon, 10 May 1999 14:35:18 -0400


Eric Dumas wrote:

>         In fact, this is close to the solution we have adopted to
> encapsulate the GIOP protocol in HTTP (and HTTP/SSL). The startup is
> to create a new thread which bind a new socket. The TCPSocketMTFactory
> has been modified (few lines) in order to forward data to the binded
> socket (with a small handshake). The binded thread, or proxy, will
> create a new thread which will take care of the communication. This is
> nice because HTTP requires serialize operation (write(data) followed
> by read(answer)).

Hi Eric,

My name is Alfonso Urdaneta, I work with David Flickinger, who started
this thread, and it seems that I'm going to be the one doing the
implementing ( because he is a lazy deadbeat ).

What I - at this time - think I'm going to have to do is use the
http://www.openssl.org toolkit and pretty much do what you did,
modifying the socket factory to return secure sockets which will then be
used for communication.

But before I start traipsing down that path, I was curious as to what
timeframe you intend to release source code ?  If that's not going to be
anytime soon, could I impose on you for a slightly more detailed
description of what you did to get me pointed in the right direction ?

Any help you could provide would be greatly appreciated.

Alfonso.