IP networking Interfaces User's Guide

TC65 JAVA User's Guide

Strictly confidential / Released

TC65 JAVA User's Guide_V05 Page 70 of 90 26.09.2005

11.1 Secure Data Transfer

This feature makes it possible for MIDlets to use safe data links to external communications

partners. The specification IMP 2.0 defines two java classes with this characteristic -

HTTPSConnection and SecureConnection.

The Siemens implementation follows the recommendations in IMP 2.0:

HTTPSConnection

• HTTP over TLS as documented in RFC 2818

and TLS Protocol Version 1.0 as

specified in RFC 2246

SecureConnection

• TLS Protocol Version 1.0 as specified in RFC 2246

Two Java Security modes exist for safe data links.

Mode 1:

• Java Security not activated

• No examination of the server certificate takes place when setting up the connection. The

authenticity of the server certificate is not verified. (Figure 40: Mode 1 - Java Security not

activated)

Mode 2 (see 11.2.1 Change to Secured Mode):

• The server certificate is examined when setting up a connection. Two configurations are

valid. The server certificate is identical to the certificate in the module (both certificates are

self signed root certificates) or the server certificate forms a chain with the certificate of

the module. Thus the authenticity of the server certificate can be examined with the help

of the certificate of the module. (Figure 41: Mode 2 - Java Security activated and

• Figure 42: Mode 2 - Java Security activated)

HTTPS Server

public key from

owner of the

certificate

Server

Certificate

(X.509)

TCP/IP Connection

Module

private key

from owner of

the certificate

no check of

the certificate

by the module

Figure 40: Mode 1 - Java Security not activated