BlackBerry Forums Support Community               

Closed Thread
LinkBack Thread Tools
Old 06-10-2005, 02:59 PM   #1 (permalink)
Thumbs Must Hurt
mark.hogan's Avatar
Join Date: Sep 2004
Model: 8700
Carrier: tmobile
Posts: 125
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Why on untrusted HTTPS and cookies

Please Login to Remove!

We are still learning about our new BES.

The default is no on the bes for allow untrusted https, and allow cookies to reside on the server.
What are the hazzards/benefits of allowing the https, and allowing cookies to reside on the server? It looks like the cookie deal allows the bb to not fill up so fast...

Pros - cons, and what your setting is.
Mark Hogan
Old 06-13-2005, 08:16 PM   #2 (permalink)
Talking BlackBerry Encyclopedia
Join Date: Feb 2005
Model: 7280
Carrier: cingular, no wait, AT&T
Posts: 300
Post Thanks: 0
Thanked 0 Times in 0 Posts

Allowing all untrusted HTTPS isn't too big of a problem, but it allows your user to connect to sites with bad/nonexistant SSL certs. It could prevent MITM attacks, or prevent your users from being duped into a bad HTTPS site. I say you should disallow access to untrusted SSL sites, and add sites' SSL certs as needed.
Closed Thread

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Copyright 2004-2014
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.