You are viewing this forum as a guest. Login to an existing account, or create a new account, to reply to topics and to create new topics.
We're looking at upgrading to #6 and I understand that during install and from that point forward during regular operation, the cart on our server must communicate back to Kryptronic's servers?
What is the purpose of this, how are these transactions secured and what data are transmitted and with what frequency?
Thanks.
Offline
I believe that the only times there is communications between your server and Kryptronic's is during registration and during installs and upgrades.
Offline
Here are the times when the Kryptronic Central Server is contacted by the software:
(1) Installation (to register & install the software)
(2) Software Updates (to register & update the software)
(3) Upon each Management Interface login (to verify license info)
(4) Configuring UPS Online Tools connection (to get developer's key)
(5) Downloading server news in Management Interface (to get news)
These communications are done in a manner where if the Kryptronic Central Server is offline, operations continue as normal.
Offline
And how are these transactions secured or it it by HTTP?
There is a clear security consideration here that previous versions did not raise.
Offline
It does raise the question that an open communication between your scripts on my server by an open protocol could become a security consideration if a hole or vulnerability exists in your scripts.
Offline
The communication system deployed is a one-way system. The client (your install) requests info via XML over HTTP from our server which replies with an XML response. The client validates itself with it's application URL and license key. Once validated our server issues the proper response based on the client's request. The communication stream is never prompted by (nor can it be prompted by) the server. All outbound communication from the client to the server is handled within restricted namespaces and program regions. Basically the system is deployed in such a way where there's no way to exploit it.
Offline
What happens if Nick is hit by a bus and Kryptonic goes away or closes down? What if, Kryptonic servers die for several days, or longer. What it?
Every one who is using the new system will no longer be able to access the admin area.
Morbid question but a real question.
Shi# happens.
Offline
Having had an Internet outage that lasted for 3 days last week I can tell you that you'll still be able to get into admin but it'll take a while to time out. I was able to continue to work off-line with no connectivity whatsoever.
Offline
mrguy, Nick posted an answer earlier in this thread.
webmaster wrote:
These communications are done in a manner where if the Kryptronic Central Server is offline, operations continue as normal.
Offline