BlackBerry Forums Support Community

Closed Thread
LinkBack Thread Tools
Old 06-10-2005, 01:59 PM   #1 (permalink)
Thumbs Must Hurt
mark.hogan's Avatar
Join Date: Sep 2004
Model: 8700
Carrier: tmobile
Posts: 125
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Why on untrusted HTTPS and cookies

Please Login to Remove!

We are still learning about our new BES.

The default is no on the bes for allow untrusted https, and allow cookies to reside on the server.
What are the hazzards/benefits of allowing the https, and allowing cookies to reside on the server? It looks like the cookie deal allows the bb to not fill up so fast...

Pros - cons, and what your setting is.
Mark Hogan
Old 06-13-2005, 07:16 PM   #2 (permalink)
Talking BlackBerry Encyclopedia
Join Date: Feb 2005
Model: 7280
Carrier: cingular, no wait, AT&T
Posts: 300
Post Thanks: 0
Thanked 0 Times in 0 Posts

Allowing all untrusted HTTPS isn't too big of a problem, but it allows your user to connect to sites with bad/nonexistant SSL certs. It could prevent MITM attacks, or prevent your users from being duped into a bad HTTPS site. I say you should disallow access to untrusted SSL sites, and add sites' SSL certs as needed.

Copyright 2004-2016
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.