BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 06-10-2005, 01:59 PM   #1 (permalink)
Thumbs Must Hurt
 
mark.hogan's Avatar
 
Join Date: Sep 2004
Model: 8700
Carrier: tmobile
Posts: 125
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Why on untrusted HTTPS and cookies

Please Login to Remove!

We are still learning about our new BES.

The default is no on the bes for allow untrusted https, and allow cookies to reside on the server.
What are the hazzards/benefits of allowing the https, and allowing cookies to reside on the server? It looks like the cookie deal allows the bb to not fill up so fast...

Pros - cons, and what your setting is.
__________________
Mark Hogan
Offline  
Old 06-13-2005, 07:16 PM   #2 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Feb 2005
Model: 7280
Carrier: cingular, no wait, AT&T
Posts: 300
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Allowing all untrusted HTTPS isn't too big of a problem, but it allows your user to connect to sites with bad/nonexistant SSL certs. It could prevent MITM attacks, or prevent your users from being duped into a bad HTTPS site. I say you should disallow access to untrusted SSL sites, and add sites' SSL certs as needed.
Offline  




Copyright 2004-2016 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.