Hi all,
We have a requirement to encrypt communications between a mobile App and IS.
We are proposing using JSON in REST over HTTP for communication but would like to either:
a) Encrypt the payload
b) Encrypt the channel (HTTPS).
I have looked at Bouncy Castle and it has a lightweight API but doesn’t compile in MD as we are missing java.security… in our CLDC library.
Do we support HTTPS?
Cheers
Ian
Some customers are using Bouncy Castle, but I think a few tweeks are required to the Bouncy Castle source, Matt (cc’ed) is the resident expert on Bouncy Castle). John
Hi Ian,
As John said we’ve had customers use some parts of Bouncy Castle , their lightweight distribution isn’t actually that light weight and from release to release it does tend to break things. We’ve also found it has very nasty static proxy issues with all it’s interleaving of initialisation. I’ll maybe revisit their latest snapshot when I get a chance. We’ve actually got encryption integration in various places on the roadmap currently to hopefully provide something out the box ready to go.
We do however support HTTPS already and have done for some time, so you shouldn’t have too many problems using that in this instance.
Cheers,
Matt