Security ws-security and transport

Question

Security ws-security and transport

I cannot understand the following: WS-Security and https are presented as alternatives.
The problem, although with https (as described), is that there are intermediaries, that is, proxies between the client and the server.
Then we can work with arround and guarrantee in terms of point, for example. between the proxy and the server, but not from end to end.
Thus, we can:

Client <- (secure) → Proxy <- (secure) → Server

But that is not equal

Client <--(secure)--> Server

So why is it not guaranteed from end to end? Can anyone give a concrete example?
Also, if I don't have a proxy on my network, does that mean https is ok?
Conversely, if I have a proxy, SHOULD I use WS-Security instead?
Thanks you

0

java soap web-services https ws-security

Cratylus Jan 03 '11 at 17:21

source share

1 answer

Eugene Mayevski 'Allied Bits · Accepted Answer · 2011-01-03 18:05

Your understanding is not entirely correct. With HTTPS, your communication is secure between the client and server. The proxy does not know anything about this, except for one - the host with whom you are talking. This is achieved using the HTTPS proxy server (HTTP Connect command, see RFC 2616). Therefore, there is no problem with HTTPS (I do not know where you found the opposite).

Security ws-security and transport

More articles: