翻訳と辞書
Words near each other
・ Secure electronic delivery service
・ Secure Electronic Network for Travelers Rapid Inspection
・ Secure Electronic Registration and Voting Experiment
・ Secure Electronic Transaction
・ Secure end node
・ Secure environment
・ Secure Federal File Sharing Act
・ Secure Fence Act of 2006
・ Secure file transfer program
・ Secure file transfer protocol
・ Secure Flight
・ Secure Freight Initiative
・ Secure FTP (software)
・ Secure Hash Algorithm
・ Secure Hash Standard
Secure Hypertext Transfer Protocol
・ Secure input and output handling
・ Secure instant messaging
・ Secure Islands
・ Secure key issuing cryptography
・ Secure messaging
・ Secure Mobile Architecture
・ Secure Mobile Payment Service
・ Secure multi-party computation
・ Secure multicast
・ Secure Neighbor Discovery
・ Secure Network
・ Secure operating system
・ Secure Operations Language
・ Secure Password Authentication


Dictionary Lists
翻訳と辞書 辞書検索 [ 開発暫定版 ]
スポンサード リンク

Secure Hypertext Transfer Protocol : ウィキペディア英語版
Secure Hypertext Transfer Protocol

Secure Hypertext Transfer Protocol (S-HTTP) is a little-used alternative to the HTTPS protocol for encrypting web communications carried over HTTP. It was developed by Eric Rescorla and Allan M. Schiffman, and published in 1999 as RFC 2660.
Web browsers typically use HTTP to communicate with web servers, sending and receiving information without encrypting it. For sensitive transactions, such as Internet e-commerce or online access to financial accounts, the browser and server must encrypt this information.
HTTPS and S-HTTP were both defined in the mid-1990s to address this need. S-HTTP was used by Spyglass's web server, while Netscape and Microsoft supported HTTPS rather than S-HTTP, leading to HTTPS becoming the ''de facto'' standard mechanism for securing web communications.
==Differences from HTTPS==
S-HTTP encrypts only the served page data and submitted data like POST fields, leaving the initiation of the protocol unchanged. Because of this, S-HTTP could be used concurrently with HTTP (unsecured) on the same port, as the unencrypted header would determine whether the rest of the transmission is encrypted.
In contrast, HTTPS wraps the entire communication within SSL, so the encryption starts before any protocol data is sent. This creates a "chicken and egg" issue with determining which DNS name was intended for the request, which means that implementations without Server Name Indication support require a separate IP per DNS name, and all implementations require a separate port (usually 443 vs. HTTP's standard 80)〔(Overview of S-HTTP )〕 for unambiguous use of encryption (treated in most browsers as a separate URI protocol, ''https://'').
In S-HTTP, the desired URL isn't transmitted in the cleartext headers, but left blank; another set of headers is present inside the encrypted payload. In HTTPS, all headers are inside the encrypted payload, and the HTTPS server application does not generally have the opportunity to gracefully recover from TLS fatal errors (including 'client certificate is untrusted' and 'client certificate is expired').

抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)
ウィキペディアで「Secure Hypertext Transfer Protocol」の詳細全文を読む



スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース

Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.