Benefits of HTTPS
Jonathan E Terry
jeterry@pso.siu.edu
Mon, 8 Jul 2002 11:01:13 -0500
--Alt-Boundary-13390.963099423
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Content-description: Mail message body
>Is there any need to launch the Mindterm 2.1 SSH applet from a HTML page
>through HTTPS? I want to avoid typing my password in the Mindterm applet
>window, and having it sent in cleartext.
No need, unless you are wanting, for any one of several reasons, the applet
request to be send and recived via SSL. As far as sending clear text, I assume you
are using Mindterm as a SSH client. In which case it doesn't send any data including
the password and the userid in clear text. It sends all data via encrypted either
SSHv1 or v2 depending on the applet settings. Not send passwords at all is a
different matter entirely, you have to use SSH keys. There are howto's on this
subject that include information on using Mindterm specifically.
Additionally, as an network aware applet nothing that it sends or recieves is
bound by the protocol of web server connection in question. What I mean by this is
that irreguardless of whether the web connection is SSL (HTTPS) or not really
doesn't matter. The applet sends it's data to the SSH server in question via
Mindterms own SSH implementation.
>Also, if I do use HTTPS, will the applet work more slowly? Will the bytecode
>go over HTTPS, or does Java has its own transport?
No it won't work slower. It may however depending upon a number of
factors
including browser and web server configuration it may initially load slower. But
unless your connection, the server, or the workstation in question are slow this
should not be noticeable.
Jonathan
/****************************************/
/* Jonathan Terry
/* LAN Administrator
/****************************************/
/* MC6727 -- Plant & Service Operations
/* Southern Illinois University
/* Carbondale, IL 62901
/* U.S.A. Ph# 618.453.1344
/* Fax# 618.453.3295
/****************************************/
/* jeterry@pso.siu.edu
/* jeterry@siu.edu
/****************************************/
/* "I'm in 386 enchanted mode." */
--Alt-Boundary-13390.963099423
Content-type: text/html; charset=US-ASCII
Content-transfer-encoding: 7BIT
Content-description: Mail message body
<body>
<div align="left"><font face="Arial" color="#ff0000"><span style="font-size:10pt"><i>>Is there any
need to launch the Mindterm 2.1 SSH applet from a HTML page</i></span></font></div>
<div align="left"><font face="Arial" color="#ff0000"><span style="font-size:10pt"><i>>through HTTPS?
I want to avoid typing my password in the Mindterm applet</i></span></font></div>
<div align="left"><font face="Arial" color="#ff0000"><span style="font-size:10pt"><i>>window, and
having it sent in cleartext.</i></span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt"> No
need, unless you are wanting, for any one of several reasons, the applet </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">request to be send and recived via
SSL. As far as sending clear text, I assume you </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">are using Mindterm as a SSH client. In which case it doesn't send any data including </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">the password and the userid in clear
text. It sends all data via encrypted either </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">SSHv1 or v2 depending on the applet
settings. Not send passwords at all is a </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">different matter entirely, you have
to use SSH keys. There are howto's on this </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">subject that include information on
using Mindterm specifically.</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt"> Additionally,
as an network aware applet nothing that it sends or recieves is </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">bound by the protocol of web server
connection in question. What I mean by this is </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">that irreguardless of whether the
web connection is SSL (HTTPS) or not really </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">doesn't matter. The applet sends
it's data to the SSH server in question via </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Mindterms own SSH implementation.</span></font></div>
<div align="left"><br>
</div>
<div align="left"><font face="Arial" color="#ff0000"><span style="font-size:10pt"><i>>Also, if I
do use HTTPS, will the applet work more slowly? Will the bytecode</i></span></font></div>
<div align="left"><font face="Arial" color="#ff0000"><span style="font-size:10pt"><i>>go over HTTPS,
or does Java has its own transport?</i></span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt"> No
it won't work slower. It may however depending upon a number of
factors </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">including browser and web server configuration
it may initially load slower. But </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">unless your connection, the server,
or the workstation in question are slow this </span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">should not be noticeable.</span></font></div>
<div align="left"><br>
</div>
<div align="left"><br>
</div>
<div align="left"><br>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">Jonathan</span></font></div>
<div align="left"><br>
</div>
<div align="left"><font face="Arial"><span style="font-size:10pt">/****************************************/</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">/* Jonathan Terry</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">/* LAN Administrator</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">/****************************************/</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">/* MC6727 -- Plant &
Service Operations</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">/* Southern Illinois University</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">/* Carbondale, IL 62901</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">/* U.S.A. Ph# 618.453.1344</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">/* Fax#
618.453.3295</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">/****************************************/</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">/* jeterry@pso.siu.edu</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">/* jeterry@siu.edu</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">/****************************************/</span></font></div>
<div align="left"><font face="Arial"><span style="font-size:10pt">/* "I'm in 386 enchanted
mode." */</span></font></div>
<div align="left"></div>
</body>
--Alt-Boundary-13390.963099423--