documentation for open socket using certificate and key, sccept only ssl

[Mark Waddingham]

> In a similar vein, is there any way to make "open socket" only accept
> secure connections?  My workaround is to have the client send a message 
> to
> authenticate, and the server on connection uses "send in" to kill the
> socket if this hasn't happened within a timeout period.

Using 'open socket' just creates a basic TCP/IP socket stream which is 
unencrypted. When you use 'open secure socket' it creates both the basic 
stream and then wraps it in the SSL/TLS protocol which is encrypted.

As the 'secure' layer is a protocol layered on top of the basic byte 
stream, it requires both sides to be talking the 'secure' protocol - in 
particular, there is a handshake at the start that must happen to 
establish the initial (symmetric) encryption keys, then these are 
refreshed periodically throughout the transaction period. In short, if 
you attempt to open a non-secure connection to a secured socket the 
connection will not occur and you will get an error. i.e. 'secure 
sockets' will only talk to other other 'secure sockets'.

I think this is the behavior you are looking for, so you shouldn't need 
to do anything to manage secure / insecure mixes - if someone attempts 
to connect to your server socket in a non-secure fashion, then the 
server won't understand what the client is trying to do and the 
connection will error.

Mark.

-- 
Mark Waddingham ~ mark at livecode.com ~ http://www.livecode.com/
LiveCode: Everyone can create apps