Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use flash.net.SecureSocket instead of com.hurlant.crypto.tls.TLSSocket #68

Open
luciferous opened this issue Apr 20, 2011 · 11 comments
Open

Use flash.net.SecureSocket instead of com.hurlant.crypto.tls.TLSSocket #68

luciferous opened this issue Apr 20, 2011 · 11 comments
Labels
feature request will not fix

Comments

@luciferous
Copy link
Contributor

No description provided.

@luciferous
Copy link
Contributor Author

For easy reference: http://help.adobe.com/en_US/FlashPlatform/reference/actionscript/3/flash/net/SecureSocket.html.

Known issue with Linux: http://forums.adobe.com/message/3565880?tstart=0.

@gimite
Copy link
Owner

gimite commented Apr 20, 2011

What's advantage using SecureSocket?

@kanaka
Copy link
Contributor

kanaka commented Apr 20, 2011

It sounds like something worthwhile in the long-run, but the Linux issue is a problem.

Also, I note on the page that SecureSocket doesn't allow overriding self-signed certs easily which would be a major impediment for development. It's unclear to me from the description if a self-signed cert that is accepted manually by the browser would also be accepted by SecureSocket (which is how native WebSockets work in firefox). And it might differ between browsers how the trust chain works for SecureSocket.

So I would personally be cautious of switching until SecureSocket is proven out on multiple browsers and OS platforms.

Although, since I am the one who added the as3crypto support I could be biased. ;-)

@luciferous
Copy link
Contributor Author

I'm interested in maintaining a branch with SecureSocket. Hopefully it matures to acquire feature-parity with as3crypto.

@gimite The advantage of using something native to Flash is eliminating the need to rely on a 3rd party dependency.

@mloughran
Copy link

Would this also reduce the swf file size? I seem to remember it got a lot bigger when the wss support was added. Would be a big win :)

@gimite
Copy link
Owner

gimite commented Apr 22, 2011

If the advantage is just that it's standard library and it possibly reduces SWF file size, but it has some issues such as one in Linux, then I will not switch to SecureSocket for now. 172KB wouldn't be much issue with network/devices recently...

@luciferous
Copy link
Contributor Author

@gimite Would you be open to host a SecureSocket branch?

@gimite
Copy link
Owner

gimite commented Apr 23, 2011

I don't plan to do that myself for now. It's open source, so anyone who want can do it.

@ghost
Copy link

ghost commented Aug 28, 2011

I think hurlant feels safer.

@gimite gimite mentioned this issue Aug 31, 2012
Open
@gimite
Copy link
Owner

gimite commented Aug 31, 2012

Related note: #122 reported that SSL communicatoin fails with current implementation in some environment and the issue doesn't happen with SecureSocket.

@leefj
Copy link

leefj commented Dec 21, 2016

i use Netty and SecureSocket in my App.
it works on iOS ,but not work on android . on android the SecureSocket.serverCertificateStatus value is invalid .
does any body know how to solve this problem?
and shat "user-permission" should config ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request will not fix
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@mloughran @gimite @luciferous @kanaka @leefj