cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Encryption: Mobilink 12 syncing to Mobilink 16

Former Member

on ‎07-22-2015 4:09 PM

0 Kudos

I have a situation where we are trying to upgrade to SQL Anywhere 16 to get the benefits of the TLS 1.1 encryption protocol.

The man calling the shots doesn't want to upgrade all of the client databases to SQLA 16, though.  Just the Consolidated database, where the MobiLink server is.


So what would happen if someone using MobiLink 12 syncs to a MobiLink 16 service connected to a SQLA 16 database?  Is this even possible?  And if so, would the synchronization use TLS 1.0 or TLS 1.1?


Thanks in advance!

Guy

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

former_member188493
Contributor
‎07-22-2015 8:07 PM
0 Kudos

Historically, it is very common for both SQL Remote and MobiLink shops to have vast numbers of client sites using different versions of the client software, where "vast" means "thousands" :-)... big bang upgrades can be literally impossible (say, across ships on the ocean).

Getting specific... the V16 Help says "The version 16 MobiLink server can be used with clients that are version 11 or later."

TLS versions supported by V16 are discussed separately: "TLS versions 1.0 and 1.1 are supported."

That, plus an application of The Watcom Rule, gets us to 99% confidence that TLS 1.0 and 1.1 can be mixed across different clients.

You're going to have to test anyway ( riigggghht?  ) so you might as well try it now and see 🙂

Show replies
Show replies
Former Member
‎07-22-2015 8:39 PM
0 Kudos

Hi, Breck!  Good to speak to you again!  Hope all is well.

The end goal here is to ensure that all synchronizations are using TLS 1.1.

So that brings me to a few more questions -- mostly due to not knowing exactly how a TLS encryption protocol works behind the scenes...

Lets say a SQLA12 client initiates a sync to the ML16 server (as per my scenario).  Which of the following are more likely to happen?

  • The ML16 will create the entire encrypted connection between the two sockets, which will be encrypted with TLS 1.1?... OR...
  • The ML16 server will upload its data using TLS 1.1, and the SQLA12 client will upload its data using TLS 1.0?... OR...
  • The SQLA12 client creates the connection, using TLS 1.0?

We are trying to get a little more information before deciding to upgrade to SQLA16, and then we'd be able to test from there.

When starting to test, how can we determine which encryption protocol is actually being used?

Thanks!

former_member188493
Contributor
‎07-22-2015 9:22 PM
0 Kudos

According to point (2) The Watcom Implication, "If you want to know how Watcom does something, simply determine how it should be done."

Using that rule as a basis for this WAG: A MobiLink V12 client only understands TLS 1.0, and therefore can only send and receive TLS 1.0 traffic to and from the MobiLink V16 server. The MobiLink V12 client initiates the synchronization using TLS 1.0 and the MobiLink V16 server takes its cue from that.

So... Door Number Three... "The SQLA12 client creates the connection, using TLS 1.0".

For a real answer, plus any answer to "how can we determine which encryption protocol is actually being used?", try posting a new question... because people who know the answers might not read this question, because [deep breath] they think the mere existence of my responses means everything's been dealt with 🙂

former_member188493
Contributor
‎07-22-2015 9:29 PM
0 Kudos

There's another reason to upgrade: Version 17 has shipped so V12's days are numbered as far as bug fixes are concerned.

http://www.zenithgallery.com/artists/Stevens_Bradley/Out%20to%20PastureB.jpg

Ask a Question