Re: Sockets,Push and Security

Roland Schemers (Roland.Schemers@Eng)
Wed, 28 Jan 1998 14:38:44 -0800 (PST)

Message-Id: <199801282238.OAA26865@crypto.eng.sun.com>
Date: Wed, 28 Jan 1998 14:38:44 -0800 (PST)
From: Roland Schemers <Roland.Schemers@Eng>
Subject: Re: Sockets,Push and Security
To: java-security@web1.javasoft.com, CarlKlapper@1stmtg.com

> The ability of an applet to create a server socket on the client machine
> would be a natural implementation of push and, with a restriction of
> only accepting connections from the originating machine, would satisfy
> the security restrictions in place for client sockets on the client
> machine. There does not appear to be any such capability. If there is,
> where is it? If there is not, why not?

It is my understanding that applets are allowed to:

- listen on non-privilged ports (>=1024)

- connect and accept connections from the host/server they came from

Thus it sounds like they should be able to create a server socket, and
accept connects from the server they came from. Is this not your
experience?

thanks, roland