Comments on: Jazoon ’09: RIA and Security http://www.canoo.com/blog/2009/06/23/jazoon-09-ria-and-security/ Tue, 20 Dec 2011 10:26:36 +0100 hourly 1 http://wordpress.org/?v=3.0.1 By: M http://www.canoo.com/blog/2009/06/23/jazoon-09-ria-and-security/comment-page-1/#comment-97601 M Thu, 02 Jul 2009 10:08:13 +0000 http://canoo.com/blog/?p=451#comment-97601 " A secure transaction in this technical setting will operate under HTTPS, which in most instances will deal with this kind of attack." HTTPS wont deal with that kind of attacks at all. If connection is secure it only means that attack is taking place on encrypted connection. Encryption only secures man-in-the-middle type attacks. ” A secure transaction in this technical setting will operate under HTTPS, which in most instances will deal with this kind of attack.”

HTTPS wont deal with that kind of attacks at all.

If connection is secure it only means that attack is taking place on encrypted connection. Encryption only secures man-in-the-middle type attacks.

]]> By: Joonas Lehtinen http://www.canoo.com/blog/2009/06/23/jazoon-09-ria-and-security/comment-page-1/#comment-97045 Joonas Lehtinen Tue, 23 Jun 2009 15:42:45 +0000 http://canoo.com/blog/?p=451#comment-97045 I only gave some examples of frameworks. For server driven frameworks, only ICEFaces and Vaadin were mentioned. Canoos framework is also server driven and thus should have the same architectural security benefits as Vaadin does. The fundamental differences being that Canoo requires Java runtime on client-side and is commercial, while as Vaadin doesn\'t require any plugins and is free and open source (Apache 2.0). From the security point of view server driven frameworks (including Canoo) are just superior to client side frameworks. Client side frameworks have other benefits that server driven doesn\'t. Still the presentation was about security. I\'ll be around for the whole week - come to discuss more about the security on our booth. - Joonas I only gave some examples of frameworks. For server driven frameworks, only ICEFaces and Vaadin were mentioned. Canoos framework is also server driven and thus should have the same architectural security benefits as Vaadin does. The fundamental differences being that Canoo requires Java runtime on client-side and is commercial, while as Vaadin doesn\’t require any plugins and is free and open source (Apache 2.0).

From the security point of view server driven frameworks (including Canoo) are just superior to client side frameworks. Client side frameworks have other benefits that server driven doesn\’t. Still the presentation was about security.

I\’ll be around for the whole week – come to discuss more about the security on our booth.

- Joonas

]]>