Hi, I'm trying to figure out what happens when I view a WAP 1.2-compliant WML page using a WAP 2.0 phone.
In WAP 1.2, when you send a request for a WML page, it is retrieved by the network's gateway over HTTP, and then compiled into a binary WMLC file before forwarding back to the phone over WAP (using a separate transport technology than HTTP). In WAP 2.0, this whole sordid process is bypassed and the gateway serves only as a standard web proxy - the phone sends its page request over HTTP and is passed through by the gateway straight on to the destination web server, and the response is similarly sent directly to the phone over HTTP.
What I want to know is what happens when you use a WAP 2.0-capable phone to request an old-style WML page? Does it use the WAP 1.2 system of transmission to the gateway, HTTP translation, binary compilation on the gateway, etc? Or is a WAP 2.0 phone capable of making the entire request over HTTP and interpreting the raw, uncompiled WML page itself?
The main reason I want to know is security reasons. I've been developing pages in WML that I want to secure over HTTPS, and I want to know if, when I request these WML pages using a WAP 2.0 phone, will the HTTPS connection be made straight to the web server, or will it use old-style WAP WTLS security to the gateway, whereupon the secured data is exposed to the unsecured gateway before being re-encrypted over HTTPS for the request to the server (and vice-versa on the way back).
I suspect if I want to bypass the poor security inherent in the WTLS-HTTPS translation process, I'll have to rewrite my pages in XHTML-MP. But it seems possible that modern WAP 2.0 phones might do all the requesting themselves, even in the case of WML pages. Anyone know which it is?