[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Question about HTTPS

From: Charles Wilt <charles.wilt@xxxxxxxxx>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Question about HTTPS
Date: Thu, 12 Apr 2012 10:19:57 -0400

Why would the web service need to be "secure" if all you're sending it
is a word to be spell checked?

Now, if the web service were providing Credit Card authorization...I
could understand the need for it to be secure..

Perhaps you're spell checking health care or financial documents that
include personally identifiable information??

In any case, Scott's right that's a question the web service provider
must answer.

If on the other hand, you're asking if using web services opens up
your i then that question should be answered by your network admin.
If he/she is reasonably competent the answer should be no; as your
firewall should only allow inbound packets that are in direct response
to an outbound packet.  You don't need to open any holes in you
firewall to consume a web service like you would if you were hosting a
web service on your i.

HTH,
Charles

On Tue, Apr 10, 2012 at 10:17 AM, Ernie Gaudes
<egaudes@xxxxxxxxxxxxxxxxx> wrote:
>   Hello,
>
>
>   I attended the NEUGU conference last week and came back with all kinds
>   of good stuff. One that I found useful was the API HTTP open source.
>   Using this and a little help from one of the handouts from the
>   conference I was able to write a RPGLE program that consumed a web
>   service from the net. This web service is free and will spell check a
>   word or text. At this time I have an application in our ERP system
>   where this would be very helpful. I had a discussion about this web
>   service with our network manager and he had concerns about security. I
>   see that the API supports HTTP and HTTPS. How can I ensure that the
>   HTTPS is being used and how can I convince our manager that the web
>   service is secure?
>
>
>   Ernie Gaudes
>
>   Littleton Coin Co
>
>   Littleton NH
>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list.  To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
>
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

Follow-Ups:
- Re: Question about HTTPS
  - From: Scott Klement

References:
- Question about HTTPS
  - From: Ernie Gaudes

Prev by Date: RE: Question about HTTPS
Next by Date: Re: Question about HTTPS
Previous by thread: RE: Question about HTTPS
Next by thread: Re: Question about HTTPS
Index(es):
- Date
- Thread