I’m often asked “Why use BlackBerry Spark Communications Services SDK (*CS) over HTTPS/TLS”? It comes up often enough I thought this might make a useful blog post.
TLS (or in the past SSL) is the first place most developers go when they want to secure web traffic. HTTPS based web hosting or file transfers is the bulk of the internet these days (please tell me you're not using HTTP!)
Comparing *CS to TLS isn’t completely fair, because *CS includes all sorts of additional benefits that TLS requires you manage and control. But that is also the point of why you should look at *CS.
Here is a table to summarise the benefits of *CS over TLS.
Spark Communications Service SDK |
TLS |
Encryption is built in, no extra purchase required. |
Requires endpoints to have SSL certificates (yes that’s correct, we still call these SSL certs, not TLS certs) |
All encryption is managed in channel for a given domain. |
Certs must be either shared out of channel (ie self signed) or from a certified ROOT cert |
manages encryption for you, no additional management required by developer (or user). No PKI infrastructure required. |
1. Must manage CERTS yourself. (are they expired, etc) 2. You are responsible for choosing robust security key, reliable CA, etc. 3. Requires PKI infrastructure to support. |
End to End (E2E) encrypted |
Only data in transit is encrypted, terminates at server. If stored at server, additional work to secure required. |
Strong hashing (SHA-512 and Argon2id) by default |
|
Connections are ALWAYS guaranteed to be encrypted. |
Can fall back from HTTPS to HTTP, which is NOT secure. |
Spark plug in available for browsers, Node.js, with a simple download. |
TLS built into Browsers, Node.js, etc |
BlackBerry manages its own plugin, you can be sure security is most up-to-date available. |
All Vendors must update browsers, etc for latest releases and fixes. |
Security is tested and supported by BlackBerry for government, regulated and other industries. |
?????? |
Is a hardened SDK from a framework that has been in this space for over a decade[MS2] . |
TLS 1.2 is the latest rev commonly in use, evolved from earlier SSL. |
|
|
Additional Features
Its also a does Publish/Subscribe Services, Real time Chat, Voice and Video with support for notifications. If your interested in Chat, for example, we have attention to details such as digitally signed messages on a per message basis, not just per session.
There is a lot more to this great tool, have a look at it all here or if you want to dive right in, the SDK is found here.