web-socket-js icon indicating copy to clipboard operation
web-socket-js copied to clipboard
verified publisher icon gimite

Use flash.net.SecureSocket instead of com.hurlant.crypto.tls.TLSSocket

Open luciferous opened this issue 14 years ago • 11 comments

luciferous avatar Apr 20 '11 20:04 luciferous

For easy reference: http://help.adobe.com/en_US/FlashPlatform/reference/actionscript/3/flash/net/SecureSocket.html.

Known issue with Linux: http://forums.adobe.com/message/3565880?tstart=0.

luciferous avatar Apr 20 '11 20:04 luciferous

What's advantage using SecureSocket?

gimite avatar Apr 20 '11 21:04 gimite

It sounds like something worthwhile in the long-run, but the Linux issue is a problem.

Also, I note on the page that SecureSocket doesn't allow overriding self-signed certs easily which would be a major impediment for development. It's unclear to me from the description if a self-signed cert that is accepted manually by the browser would also be accepted by SecureSocket (which is how native WebSockets work in firefox). And it might differ between browsers how the trust chain works for SecureSocket.

So I would personally be cautious of switching until SecureSocket is proven out on multiple browsers and OS platforms.

Although, since I am the one who added the as3crypto support I could be biased. ;-)

kanaka avatar Apr 20 '11 23:04 kanaka

I'm interested in maintaining a branch with SecureSocket. Hopefully it matures to acquire feature-parity with as3crypto.

@gimite The advantage of using something native to Flash is eliminating the need to rely on a 3rd party dependency.

luciferous avatar Apr 21 '11 18:04 luciferous

Would this also reduce the swf file size? I seem to remember it got a lot bigger when the wss support was added. Would be a big win :)

mloughran avatar Apr 21 '11 23:04 mloughran

If the advantage is just that it's standard library and it possibly reduces SWF file size, but it has some issues such as one in Linux, then I will not switch to SecureSocket for now. 172KB wouldn't be much issue with network/devices recently...

gimite avatar Apr 22 '11 04:04 gimite

@gimite Would you be open to host a SecureSocket branch?

luciferous avatar Apr 22 '11 18:04 luciferous

I don't plan to do that myself for now. It's open source, so anyone who want can do it.

gimite avatar Apr 23 '11 07:04 gimite

I think hurlant feels safer.

ghost avatar Aug 28 '11 16:08 ghost

Related note: #122 reported that SSL communicatoin fails with current implementation in some environment and the issue doesn't happen with SecureSocket.

gimite avatar Aug 31 '12 12:08 gimite

i use Netty and SecureSocket in my App. it works on iOS ,but not work on android . on android the SecureSocket.serverCertificateStatus value is invalid . does any body know how to solve this problem? and shat "user-permission" should config ?

leefj avatar Dec 21 '16 08:12 leefj