TC65 JAVA User's Guide
Strictly confidential / Released
s
11.1Secure Data Transfer
This feature makes it possible for MIDlets to use safe data links to external communications partners. The specification IMP 2.0 defines two java classes with this characteristic - HTTPSConnection and SecureConnection.
The Siemens implementation follows the recommendations in IMP 2.0:
HTTPSConnection
•HTTP over TLS as documented in RFC 2818 and TLS Protocol Version 1.0 as specified in RFC 2246.
SecureConnection
•TLS Protocol Version 1.0 as specified in RFC 2246
Two Java Security modes exist for safe data links.
Mode 1:
•Java Security not activated
•No examination of the server certificate takes place when setting up the connection. The authenticity of the server certificate is not verified. (Figure 40: Mode 1 - Java Security not activated)
Mode 2 (see 11.2.1 Change to Secured Mode):
•The server certificate is examined when setting up a connection. Two configurations are valid. The server certificate is identical to the certificate in the module (both certificates are self signed root certificates) or the server certificate forms a chain with the certificate of the module. Thus the authenticity of the server certificate can be examined with the help of the certificate of the module. (Figure 41: Mode 2 - Java Security activated and
•Figure 42: Mode 2 - Java Security activated)
| Server | |
| Certificate | |
| (X.509) | |
private key | public key from | |
owner of the | ||
from owner of | ||
certificate | ||
the certificate | ||
|
no check of
the certificate by the module
|
|
| TCP/IP Connection |
|
|
|
|
|
| |
|
|
|
|
|
|
|
|
| ||
HTTPS Server | ||||||||||
|
|
|
|
| ||||||
Module | ||||||||||
Figure 40: Mode 1 - Java Security not activated
TC65 JAVA User's Guide_V05 | Page 70 of 90 | 26.09.2005 |