GlassFish V2 is incorporating support for Comet through Grizzly and, as we gain more experience, we are improving this support. In his latest blog, Jean-Francois describes how to easily Secure the Comet Communication using SSL (not through a Cone of Silence). I'd expect continued improvements on Comet support through GF V2.

ECC (Elliptic Curve Cryptography) is a new, cryptographic protocol that is very appealing when security needs are high or computational power is limited (like mobile devices) and is gaining backing in the industry. The latest Sun WebServer (7.0 Technology Preview) has Support for ECC, and so do GlassFish - experimental so far -, and Java. In his latest blog, Jyri reports on actual measurements of the connection cost for different security protocols on Sun's WebServer and shows Big Improvements for ECC. Check it out!

The team of Sun's WebServer is a close relative of Project GlassFish and I feel a bit guilty I've not been able to keep up with all their interesting blogs in the last couple of months - maybe I'll be able to do some about it next week during Sun's USA shutdown...

Do you want security with the purchase you just did through your mobile? If so, learn about Elliptic Curve Cryptography (Wikipedia, Overview@Sun, ECC and IETF, SunLabs) as it significantly reduces the computational requirements needed to encrypt content. The latest news on ECC are Shing Wai's detailed instructions on How to Enable ECC in GlassFish / SJS AS 9.0. Do not miss this brief comment at the end: A preliminary benchmark of HTTPS with ECC in GlassFish on the Windows XP platform shows that the performance of ECC is double that of RSA... Also see ECC support in Sun's Web Server and ECC support in Java.

PS. I had missed an interesting entry by Shing Wai: Using SSL for EJB; you may want to also check that one out.