beautypg.com

Secure data transfer, Figure 40: mode 1 - java security not activated, 1 secure data transfer – Siemens Java TC65 User Manual

Page 70

background image

TC65 JAVA User's Guide
Strictly confidential / Released

s

TC65 JAVA User's Guide_V05

Page 70 of 90

26.09.2005

11.1

Secure Data Transfer

This feature makes it possible for MIDlets to use safe data links to external communications
partners. The specification IMP 2.0 defines two java classes with this characteristic -
HTTPSConnection and SecureConnection.

The Siemens implementation follows the recommendations in IMP 2.0:

HTTPSConnection
• HTTP over TLS as documented in

RFC 2818

and TLS Protocol Version 1.0 as

specified in

RFC 2246

.


SecureConnection
• TLS Protocol Version 1.0 as specified in

RFC 2246


Two Java Security modes exist for safe data links.
Mode 1:
• Java Security not activated
• No examination of the server certificate takes place when setting up the connection. The

authenticity of the server certificate is not verified. (Figure 40: Mode 1 - Java Security not
activated)


Mode 2 (see 11.2.1 Change to Secured Mode):
• The server certificate is examined when setting up a connection. Two configurations are

valid. The server certificate is identical to the certificate in the module (both certificates are
self signed root certificates) or the server certificate forms a chain with the certificate of
the module. Thus the authenticity of the server certificate can be examined with the help
of the certificate of the module. (Figure 41: Mode 2 - Java Security activated and

Figure 42: Mode 2 - Java Security activated)

HTTPS Server

public key from
owner of the
certificate

Server

Certificate

(X.509)

TCP/IP Connection

Module

private key

from owner of

the certificate

no check of

the certificate

by the module

Figure 40: Mode 1 - Java Security not activated