1 Mar
2010
1 Mar
'10
1:33 a.m.
On Sat, Feb 27, 2010 at 11:59 PM, Attila Nagy
What would I like to do: 1. authenticate and authorize connecting clients with their SSL certificates 2. securely transfer arbitrary (binary and json) data from and to the clients (both the server and client would be twisted)
If you're using SSL, then points 1 and 2 are the responsibility of SSL, not AMP, and you should be fine.
3. protect the server from malicious clients
I can't really comment on this, as I haven't studied the AMP implementation much; I think there are some built-in limits which will protect against certain kinds of resource DoS, but hopefully somebody else can comment in more detail. -- mithrandi, i Ainil en-Balandor, a faer Ambar