[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [regrep] [RS Issue] HTTP connection taking longer than TTL
Farrukh Najmi wrote: > Matthew MacKenzie wrote: > >> Farrukh, >> >> I haven't hashed out a solution as of yet, but I was thinking along >> the lines of adding optional mutually authenticated SSL to the >> Federation protocol. This way, all members of a federation would be >> trusted by virtue of their connections to each and other being >> encrypted using keys that are trusted. Some kind of self signed >> certificate exchange like is done in ebMS might just allow us to cut >> down some of the processing and comm (SSL/TLS can also do some >> compression) overhead. > > > Good point. > > SSL based communication between Registry Client and Registry is > already specified in section 10.3.1. I assume most > registry-to-registry communication *WILL* be over SSL. Does that > address the issue? Technically, yes, but I think we should mention that if registry-to-registry communication is via mutually authenticated SSL, requests and responses should not be signed. -Matt
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]