Re: How to grab the raw HTTPS stream in Tomcat?
From: Colin McKinnon (colin@EditMeOutUnlessYoureABot.wew.co.uk)Date: 01/08/02
- Previous message: Security Alert: "Sec. Vulnerability with filesystem deadlock"
- In reply to: Jesse: "How to grab the raw HTTPS stream in Tomcat?"
- Next in thread: Sam K.: "Re: How to grab the raw HTTPS stream in Tomcat?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Colin McKinnon" <colin@EditMeOutUnlessYoureABot.wew.co.uk> Date: Tue, 8 Jan 2002 08:27:23 -0000
Jesse <javajesse@yahoo.com> wrote in message
news:b7ce2e9b.0201071412.45e51f30@posting.google.com...
> The customer will already have been given a unique x509 certificate to
> install in their browser. The raw data from the HTTPS post is an
> auditable guarantee that the data was created by that specific
> customer (we can decrypt the data to read it, but nobody but the
> customer could have created it in the first place). I will link all
> orders to their corresponding HTTPS request data, so in the case of an
> audit, we can guarantee the authenticity of each order in the system
> by comparing it to the raw HTTPS data.
>
You might want to look at a proxy which supports a simple plugin type of
recorder - e.g. delegate or squid. See freshmeat.net for URLs.
HTH
Colin
- Previous message: Security Alert: "Sec. Vulnerability with filesystem deadlock"
- In reply to: Jesse: "How to grab the raw HTTPS stream in Tomcat?"
- Next in thread: Sam K.: "Re: How to grab the raw HTTPS stream in Tomcat?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
