HTTP Message Signatures explained скачать в хорошем качестве

HTTP Message Signatures explained

🔥More exclusive content: https://productioncoder.com/you-decid... Twitter:   / _jgoebel   Website: https://jangoebel.com Blog: https://productioncoder.com HTTP Message Signatures: https://www.ietf.org/archive/id/draft... Structured Field Values RFC: https://www.rfc-editor.org/rfc/rfc894... 00:00 Introduction 03:34 What problem does HTTP Message Signatures solve 05:22 What other options do we have to achieve authenticity and integrity? 06:55 How HTTP Message signatures provide end-to-end authenticity and integrity 09:05 HTTP Message Components 11:43 Speciality Components 12:42 signature-params Speciality component 14.29 How to generate HTTP message signatures 19:58: multiple signatures by multiple signers with different algorithms 21:59 How to sign the body with HTTP Message Signatures 23:42 Summary 25:02 Conclusion HTTP message signatures provide a way to create and verify digital signatures and MACS over dedicated components of an HTTP message. It aims at providing end-to-end authenticity and integrity over an HTTP message - even if the HTTP message might be modified along the way without changing its semantics (e.g. re-ordering header fields, adding / removing specific headers, adding or removing whitespace). The draft is designed to provide applications sitting behind (maybe TLS-terminating) proxies the ability to be sure that the message comes from the purported source and that the message has not been altered in an unauthorized manner. It allows the singer to specify an ordered set of canonicalized HTTP message components (HTTP fields or speciality components) and additional metadata about the signature such as creation and expiration date to allow the verifier to re-create the signature input string. Since the verifier is now able to re-create the input string it is able to verify the signature by either making use of a public key or by leveraging a shared secret in case MACs are used. In general it is recommended to rather rely on public key cryptography than on HMACs because having symmetric keys is a security risk that can easily be avoided.