[Ace-users] Re: [tao-users] Bidir GIOP and SSL

Johnny Willemsen jwillemsen at remedy.nl
Thu Jun 28 10:23:02 CDT 2007


Hi,

There have been many issues in the past with BiDIR and SSLIOP, try to
upgrade. I am not sure about the certificates, maybe make a quick prototype
first and see how things work.

Regads,

Johnny Willemsen
Remedy IT
Postbus 101
2650 AC  Berkel en Rodenrijs
The Netherlands
www.theaceorb.nl / www.remedy.nl  

*** Integrated compile and test statistics see
http://scoreboard.theaceorb.nl ***
*** Commercial service and support for ACE/TAO/CIAO             ***
*** See http://www.theaceorb.nl/en/support.html                 ***

<joerg.rockel at nsn.com> wrote in message
news:<mailman.1186.1183022234.5286.tao-users at mail.cse.wustl.edu>...

Hello experts :),

I've got a question about the coexistence of the Bidirectional GIOP and the
SSL protocol on TAO 1.4.10.
This answer is very crucial for our system design.
I hope you can help me with that.

Scenario:
########
Let's assume, we have a management system A and a target system B (running
TAO 1.4.10 with SSLIOP) 
Both systems use bidir. GIOP and SSL.
Certificates are ONLY stored on target system B, system A does NOT store any
certificates.

Management system A starts a Corba server (callback server) and target
system B starts another Corba server (request server).

Now the management system A starts a client and initiates an SSL connection.
After the successful handshake (with server authentication) it sends a
request to the target system B (request server).
In this message it sends the IOR of its own callback server.

After that the target system B sends a message to the callback server.


Questions:
#########
Does the TAO on  target system B REUSE the TCP/SSL connection, that is
already build between A and B?
In other words: Is it possible to have only ONE SINGLE TCP/SSL connection
between A and B?

Or do we need two separate connections, one for each direction?

And - is it possible to survive with certificates stored ONLY one the target
system B?
Or does the management system A also need certificates?

Thank you for answering and

Best Regards,
                      Jörg Rockel

_______________________________________
www.nokiasiemensnetworks.com <http://www.nokiasiemensnetworks.com/> 
Nokia GmbH, Nokia Networks
Heltorfer Str.1
D-40472 Düsseldorf Germany

Jörg Rockel 
Senior Software Design Engineer
> Research & Development
> 
Jörg Rockel at nsn.com <mailto:joerg.rockel at nsn.com> 
Mobile +49 (0)151 5515 3554
Fax +49 (0) 211 9412 3383
_______________________________________ 
The networks business area operates on behalf of Nokia Siemens Networks.

This message is confidential. If you have received this message in error,
please delete it from your system. You should not copy it for any purpose,
or disclose its contents to any other person. Internet communications are
not secure and therefore Nokia GmbH does not accept legal responsibility for
the contents of this message as it has been transmitted over a public
network. Thank you.
Nokia GmbH, Nokia Networks is a German Company. Further information about
the Company is available from its principal offices at Heltorferstrasse 1,
D-40472, Düsseldorf, Germany and from the website at http://www.nokia.com
<http://www.nokia.com/> 
Sitz der Nokia GmbH: Bochum Amtsgericht Bochum: HRB 4112;
Umsatzsteueridentifikationsnummer DE 811163 495; WEEE-Reg.-Nr. DE 51797011;
Vorsitzender des Aufischtsrates Veli Sundbäck; Geschäftsführer Timo Elonen,
Razvan Olosu (Sprecher), Klaus Goll, Dr. Ulrich Halka. Karsten Schilly 





----------



More information about the Ace-users mailing list