EldoS | Feel safer!

Software components for data protection, secure storage and transfer

declaration of conformity

Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.
#15840
Posted: 02/22/2011 01:27:34
by Frank Munsberg (Standard support level)
Joined: 06/04/2009
Posts: 47

Some vendors have an official declaration of conformity saying something like "we only use documented API's in our products". Is there anything like that for SBB out there somewhere?
My boss asked me to get something like that because eventually someone here may have to approach one of our customers where our SFTP connections recently stopped working.
#15841
Posted: 02/22/2011 01:40:43
by Eugene Mayevski (EldoS Corp.)

Frankly speaking, I am a bit confused with the question. Using "documented APIs only" doesn't magically solve the connectivity issues. Proper description of the problem and cooperation in it's resolution does.

"SFTP connection suddenly stopped working" usually means one of two things:
1) the firewall was installed and not configured to allow your software to connect
2) the server software was upgraded and the new version broke compatibility with the client.

From our records I see that you use older version of SecureBlackbox (6 or 7).

SSH and SFTP protocol is a running target in the aspect of compatibility: the standard gives enough flexibility to the vendors to make some implementations incompatible with the standard itself. For example, "SSH window size" (the maximum size of single SSH-wrapped packet) can be as large as 256 Kb. We have a default setting of 32 Kb. But some badly written server have this limit to be as low as 8Kb. Consequently, to make our implementation work with such server we need to either recognize this server in code by it's name (this is done for some servers) or work with you to find out the source of the problem and then you can adjust the properties to solve this compatibility problem.

With each version of SecureBlackbox we improve compatibility, add detection of newer software versions (some servers get worse with newer versions) etc. . So we suggest that you also try SecureBlackbox 8.2 and see if it solves the problem.


Sincerely yours
Eugene Mayevski
#15842
Posted: 02/22/2011 03:02:58
by Frank Munsberg (Standard support level)
Joined: 06/04/2009
Posts: 47

It's more a political thing rather than magically solving the connectivity issue. I completely agree that from a technical point it doesn't solve anything. We're trying to get that particular installation to work but as things currently look, we'll have to talk that customer into changing things on their end. If some declaration like that existed it would make arguing with them easier, that's the whole point of it.

The fact that you adjust for some incompatible servers is a very good thing and it really saved us at least once back then.
Of course we'll try to use the newest version of SBB available at the time. Our next update will use SBB 8.2, in fact I've already compiled the general (S)FTP part with the new version yesterday.
#15844
Posted: 02/22/2011 03:18:00
by Eugene Mayevski (EldoS Corp.)

Ok, send the text you'd like to see (either here in attachment or via helpdesk), and I'll arrange something on the company letterhead.


Sincerely yours
Eugene Mayevski
#15849
Posted: 02/22/2011 05:02:19
by Frank Munsberg (Standard support level)
Joined: 06/04/2009
Posts: 47

Thank you very much. I'm no marketing guy (and certainly never wanted to be one) but if you can arrange something simple like.

===
We declare that SecureBlackBox only uses documented Microsoft API calls.
===

it would already be sufficient for us.
#15850
Posted: 02/22/2011 05:29:43
by Eugene Mayevski (EldoS Corp.)

Maybe you can confirm with your boss that this phrase would be enough? From legal / business letter point of view it's incomplete - i'd expand it to more complicated one. Also the term "only microsoft APIs" is quite broad. Next, Secureblackbox uses ZLib (conforming to it's license) for compression - how will we count it?


Sincerely yours
Eugene Mayevski
#16000
Posted: 03/08/2011 02:28:11
by Frank Munsberg (Standard support level)
Joined: 06/04/2009
Posts: 47

Sorry for taking that long. For us the -using only documented API- part would really be enough. If that also includes ZLib and you can make that statement that'd be fine too.
I don't know how long or complicated some business letter has to be. Maybe the legal people can wrap that simple statement up in something long and business-letter-worthy?
Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.

Reply

Statistics

Topic viewed 1267 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!