how browser supports https
1. pre-installed certificate authorities
2. ssl/tls encription
ssl/tls handshake flow:
1. exchange digital certificate
2. generate shared secret key:
SSL and TLS use a combination of symmetric and asymmetric encryption to ensure message privacy. During the SSL or TLS handshake, the SSL or TLS client and server agree an encryption algorithm and a shared secret key to be used for one session only. All messages transmitted between the SSL or TLS client and server are encrypted using that algorithm and key, ensuring that the message remains private even if it is intercepted. SSL supports a wide range of cryptographic algorithms. Because SSL and TLS use asymmetric encryption when transporting the shared secret key, there is no key distribution problem.
After the shared secret key generated, SSL/TLS uses the shared secret key for the symmetric encryption in later communication.
basic concept:
1. digital signature: encrypted with privated key
2. certificate: public key of the subject
3. MAC: MEssage Authentication Code
4. certificate chain
最新文章
- 利用浏览器LocalStorage缓存图片,视频文件
- IOCP入门
- 自行实现PHP代码注解特性
- noip2016复习
- JS常用的设计模式(8)——访问者模式
- Android Marquee
- java输出万年历
- byte数组如何转为short数组 (转)
- 【CF17E】Palisection(回文树)
- SVN客户端和服务器端下载地址
- python中sorted()和set()去重,排序
- 关于iframe跨域实践
- @RequestBody注解的参数仅仅读取一次的问题解决。
- hibernate 解决 java.lang.NoClassDefFoundError: org/hibernate/cfg/Configuration
- delphi 演示数据路径
- IIS下使用 HTTP/2
- 【Android】3.24 示例24--OpenGL绘制功能
- 理解域名插槽:slot-scope
- 控制器中添加DB类才可以操作数据库表中的数据
- iptables详解(12):iptables动作总结之一