I'm trying to improve security on our delphi datasnap server by adding PC1 and RSA filters on the TDSTCPServerTransport.Filters
It's not a problem to add the filters nor to connect a client afterwards, in fact I don't think anything is encrypted or more "safe", but I have to admit I don't fully understand how it's supposed to work.
Basically I want an encrypted communication between the client and the server, and I want to protect the server from exposing it's methods to any client who can read and list the server methods, except from those clients who knows the key to the encryption.
In my base example I'm able to connect the client regardless of filters added to the client. I found some documents, there are not exactly a lot of useful information on this topic, and if I understand them correctly the client will get the filters from the server and will be able to connect regardless of the PC1 key on the client matches the server.
I thought the keys had to match - working like kind of a pre shared key.
Can someone explain how it is supposed to work and what it will protect (and what not) if it's correctly set up? Is it possible to protect the exposed methods from being abused, it this to be done by combining PC1/RSA and roles, and can this be considered relative safe?
I did find the PC1DynamicKey but that only demonstrate dynamic keys.
I'm using XE8.