wondering if restful webservice answer in case of enterprise application there security concerns such avoiding man-in-the-middle attacks, ensuring trusted client connecting, client being sure indeed talking real server etc.
is https solution? have read concerns being raised adequacy , fitment, although not-so-strong background in it/application security, don't quite understand, why so!
i see rest being talked (/ raved) about, , being projected the-thing, , see adoption picking up, can't seem understand why security thing isn't such big concern, , if is, can done it.
if serious securing service , avoiding man-in-the-middle attacks should issue certificates clients , accept requests signed certificates. more work , clients, in enterprise setting, effort may worth it. option worth looking into.
Comments
Post a Comment