java - Is it possible/valid to have a TCP connection with secure login only, but non-secure messages? -


Say I am writing chat servers and clients who allow users to login with their username and password.

  1. Can I replace a secure socket with a socket transparently?
  2. Is it connected to a secure socket that I want to avoid non-latent information messages?

I would love java pointers / examples, but would also be interested in other languages.

This is not a valid use case. To prove only, to allow an attacker to move forward and to get information sent later?

SSL is not only for confidentiality but also provides integrity: Each packet is protected by a message authentication code so that one person can not change middle-content.

If there is no integrity protection in the content, then the connection is effectively anonymous. In that situation, why do you pretend to prove?


Comments

Popular posts from this blog

MySql variables and php -

url rewriting - How to implement the returnurl like SO in PHP? -

Which Python client library should I use for CouchdB? -