Re: Use of IIOP (CORBA) in network firewalls (proposal)

From: Rudolf Schreiner (rasat_private)
Date: Tue May 26 1998 - 08:18:51 PDT

  • Next message: Laris Benkis: "Identifying End of Tx in FTP"

    On Tue, 19 May 1998, Luis Saiz wrote:
    > For those interested in CORBA & firewalls, yesterday a proposal was
    > submitted to OMG:
    IMHO this is a quite reasonable proposal. It supports simple server-side 
    firewalls (the "TCP firewall" is a kind of plug-gw with a faked IOR), 
    simple client-side firewalls (socks) and a real GIOP proxy. The TCP 
    firewall and socks are basically what we use today, it's simple and 
    proven technology. The GIOP proxy is much more complex, but has very nice 
    features (normal, passthrough, trusted, untrusted). It solves a big 
    problem of Java applet  security because the client applet always 
    connects to the GIOP proxy object. I also like the bi-directional GIOP.
    The weak side of the proposal is the missing CORBASEC and SecIOP. But IMO 
    it's to early to solve these (huge) problems now and the support of SSL/IIOP 
    is a very good step into the right direction. 
    Something else I miss it the simple transparent TCP proxy. 

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:59:59 PDT