On Sat, Feb 27, 2010 at 11:59 PM, Attila Nagy firstname.lastname@example.org wrote:
What would I like to do:
- authenticate and authorize connecting clients with their SSL certificates
- securely transfer arbitrary (binary and json) data from and to the
clients (both the server and client would be twisted)
If you're using SSL, then points 1 and 2 are the responsibility of SSL, not AMP, and you should be fine.
- protect the server from malicious clients
I can't really comment on this, as I haven't studied the AMP implementation much; I think there are some built-in limits which will protect against certain kinds of resource DoS, but hopefully somebody else can comment in more detail.