As I understand it wasn't possible to achieve end-to-end security when using an operator hosted WAP gateway with WAP 1.1 since the information always passes through the gateway in "plain text". Has this been solved in WAP 1.2? If this is true, can anyone explain how?
Posted by Robert Granberg, firstname.lastname@example.org
on August 22, 2000 at 21:59
Posted by Robert Kiendl, email@example.com
on August 23, 2000 at 16:09
A far i understood from the papers issued form the wapform wtls 1.1 supports syncronous and wtls 1.2 asyncronous encryption between the handset and the wap gateway. an endpoint to endpoint encryption is not implemented so far. so aslong encryption work over gateways you have always concern about the "clear text" phase on the gateway.