http/https #182
giscus[bot]
bot
Replies: 9 comments 4 replies
-
|
少了生成预主密钥这一步骤啊 |
Beta Was this translation helpful? Give feedback.
-
|
我怎么觉得是,客户端拿到公钥验证后,生成一个对称密钥,使用公钥加密这个对称密钥,发送加密后密钥给服务端,服务端使用私钥接开后获得对称密钥。之后客户端,服务端使用对称密钥通讯。 |
Beta Was this translation helpful? Give feedback.
-
|
直接传递对称密钥,被破解不就完蛋了。。 |
Beta Was this translation helpful? Give feedback.
-
|
TLS 协商中,对称密钥的生成因子之一是双方生成的随机数,并不通过网络传输,只有自己知道。 |
Beta Was this translation helpful? Give feedback.
-
|
“客户端用公钥解密获取对称加密的密钥”,这不是扯犊子吗,公钥被别人知道了,你这公钥加密的信息被劫持了,别人不就能破解你的密钥 |
Beta Was this translation helpful? Give feedback.
-
|
谢谢提醒,我这里写错了,已修改。 |
Beta Was this translation helpful? Give feedback.
-
|
一把叫私钥或密钥(Private Key key),多了个单词 key |
Beta Was this translation helpful? Give feedback.
-
|
谢谢,已修改。 |
Beta Was this translation helpful? Give feedback.
-
|
CA 审核的重点 大概是验证域名是否所有权。 |
Beta Was this translation helpful? Give feedback.
-
|
有几处不大通顺的地方:
|
Beta Was this translation helpful? Give feedback.
-
|
“就能能解密”,多个字 |
Beta Was this translation helpful? Give feedback.
-
|
“服务器把公钥 A 明文给传输浏览器” ---> 明文传输给浏览器 |
Beta Was this translation helpful? Give feedback.
-
|
“中间人劫持密文,使用私钥 B 解密得到密钥 X。同时,密文继续转发给服务器。” 缺少使用公钥A加密的过程 |
Beta Was this translation helpful? Give feedback.
-
http/https
构建大规模高可用的分布式系统
https://www.thebyte.com.cn/http/https.html
Beta Was this translation helpful? Give feedback.
All reactions