http/https #182
giscus[bot]
Bot
Replies: 12 comments 5 replies
-
|
少了生成预主密钥这一步骤啊 |
Beta Was this translation helpful? Give feedback.
-
|
相比对称加密算法,非对称加密算法需要更多的计算资源!因此,我们使用计算效率高的对称加密算法加密 HTTP 内容,使用非对称加密算法加密对称加密算法的密钥。请看下面的过程:
K就是预主密钥 |
Beta Was this translation helpful? Give feedback.
-
|
我怎么觉得是,客户端拿到公钥验证后,生成一个对称密钥,使用公钥加密这个对称密钥,发送加密后密钥给服务端,服务端使用私钥接开后获得对称密钥。之后客户端,服务端使用对称密钥通讯。 |
Beta Was this translation helpful? Give feedback.
-
|
直接传递对称密钥,被破解不就完蛋了。。 |
Beta Was this translation helpful? Give feedback.
-
|
TLS 协商中,对称密钥的生成因子之一是双方生成的随机数,并不通过网络传输,只有自己知道。 |
Beta Was this translation helpful? Give feedback.
-
|
“客户端用公钥解密获取对称加密的密钥”,这不是扯犊子吗,公钥被别人知道了,你这公钥加密的信息被劫持了,别人不就能破解你的密钥 |
Beta Was this translation helpful? Give feedback.
-
|
谢谢提醒,我这里写错了,已修改。 |
Beta Was this translation helpful? Give feedback.
-
|
一把叫私钥或密钥(Private Key key),多了个单词 key |
Beta Was this translation helpful? Give feedback.
-
|
谢谢,已修改。 |
Beta Was this translation helpful? Give feedback.
-
|
CA 审核的重点 大概是验证域名是否所有权。 |
Beta Was this translation helpful? Give feedback.
-
|
有几处不大通顺的地方:
|
Beta Was this translation helpful? Give feedback.
-
|
“就能能解密”,多个字 |
Beta Was this translation helpful? Give feedback.
-
|
“服务器把公钥 A 明文给传输浏览器” ---> 明文传输给浏览器 |
Beta Was this translation helpful? Give feedback.
-
|
“中间人劫持密文,使用私钥 B 解密得到密钥 X。同时,密文继续转发给服务器。” 缺少使用公钥A加密的过程 |
Beta Was this translation helpful? Give feedback.
-
|
您好,7. 什么是数字证书,“接收方根据证书内容重新计算哈希值,并与数字签名 S 比对”这一句感觉容易产生误解,改为“接收方根据证书内容重新计算哈希值,与用CA的公钥解密数字签名 S 后的哈希值进行比对”更清晰 |
Beta Was this translation helpful? Give feedback.
-
|
请教下这个是如何做性能基准测试的呢,是使用nginx配置单个静态页面,使用jmeter这种压测工具吗? |
Beta Was this translation helpful? Give feedback.
-
您好,个人感觉这一部分属于“混合加密”范畴,即采用的是 “非对称加密传钥匙 + 对称加密传数据” 的模式。建议应该在介绍完非对称加密后,再衔接一个混合加密的章节,突然看到这有点不易懂。 |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
http/https
构建大规模高可用的分布式系统
https://www.thebyte.com.cn/http/https.html
Beta Was this translation helpful? Give feedback.
All reactions