1. pre-installed certificate authorities

2. ssl/tls encription

ssl/tls handshake flow:

1. exchange digital certificate

2. generate shared secret key:

  SSL and TLS use a combination of symmetric and asymmetric encryption to ensure message privacy. During the SSL or TLS handshake, the SSL or TLS client and server agree an encryption algorithm and a shared secret key to be used for one session only. All messages transmitted between the SSL or TLS client and server are encrypted using that algorithm and key, ensuring that the message remains private even if it is intercepted. SSL supports a wide range of cryptographic algorithms. Because SSL and TLS use asymmetric encryption when transporting the shared secret key, there is no key distribution problem.

After the shared secret key generated, SSL/TLS uses the shared secret key for the symmetric encryption in later communication.

basic concept:

1. digital signature: encrypted with privated key

2. certificate: public key of the subject

3. MAC: MEssage Authentication Code

4. certificate chain

how browser supports https的更多相关文章

  1. Fiddler无法抓取某些APP的HTTPS请求,无解!!!

    遇到有些APP的HTTPS请求无法抓取!错误提示: !SecureClientPipeDirect failed: System.Security.Authentication.Authenticat ...

  2. 测试你的浏览器是否支持WebGL(Does My Browser Support WebGL)

    测试你的浏览器是否支持WebGL(Does My Browser Support WebGL) 关于WebGL:WebGL是一种3D绘图标准,这种绘图技术标准允许把JavaScript和OpenGL ...

  3. commonJS — 浏览器操作(for Browser)

    for Browser github: https://github.com/laixiangran/commonJS/blob/master/src/forBrowser.js 代码 /** * C ...

  4. Javascript检测浏览器对CSS属性的支持 /* supports */

    //检测浏览器对CSS属性的支持 supports = (function() { var div = document.createElement('div'), vendors = 'Khtml ...

  5. trust an HTTPS connection

    https://zh.wikipedia.org/wiki/传输安全协议 SSL协议客户端要收发几个握手信号: 发送一个“ClientHello”消息,内容包括:支持的协议版本,比如TLS1.0版,一 ...

  6. web性能权威指南(High Performance Browser Networking)

    web性能权威指南(High Performance Browser Networking) https://www.cnblogs.com/qcloud1001/p/9663524.html HTT ...

  7. trust an HTTPS connection 安全协议 随机数 运输层安全协议 应用层安全协议 安全证书

    小结: 1.HTTPS存在不同于HTTP的默认端口及一个加密/身份验证层(在HTTP与TCP之间) HTTPS(全称:Hyper Text Transfer Protocol over Secure ...

  8. MDN Browser Compatibility Report 2020

    MDN Browser Compatibility Report 2020 top pain point https://mdn-web-dna.s3-us-west-2.amazonaws.com/ ...

  9. php+websocket搭建简易聊天室实践

    1.前言 公司游戏里面有个简单的聊天室,了解了之后才知道是node+websocket做的,想想php也来做个简单的聊天室.于是搜集各种资料看文档.找实例自己也写了个简单的聊天室. http连接分为短 ...

随机推荐

  1. POJ1456 Supermarket —— 贪心 + 路径压缩优化

    题目链接:http://poj.org/problem?id=1456 Supermarket Time Limit: 2000MS   Memory Limit: 65536K Total Subm ...

  2. LightOJ1138 —— 阶乘末尾0、质因子分解

    题目链接:https://vjudge.net/problem/LightOJ-1138 1138 - Trailing Zeroes (III)    PDF (English) Statistic ...

  3. nginx-upsync-module安装

    1.安装nginx-upsync-module wget https://github.com/weibocom/nginx-upsync-module/archive/master.zip 作用:n ...

  4. void类型和void *指针类型(网上摘抄总结)【转】

    http://www.blogjava.net/fhtdy2004/archive/2009/07/09/286004.html 现在在学linux编程过程中遇到很多void *指针类型,由于c很早学 ...

  5. socket即时聊天

    服务端 package com.luhan.text; import java.awt.BorderLayout; import java.awt.Color; import java.awt.Gri ...

  6. BZOJ1566 【NOI2009】管道取珠

    题面 这是一道DP神题,直到我写下这句题解时也没有想明白…… 首先,这道题要我们求所有(不同输出序列的方案数)的平方和,于是我们当然就想到求所有不同输出序列的方案数……(大雾) .这道题一个巧妙的地方 ...

  7. XML简介——可扩展标记语言(Extensible Markup Language)

    (What) XML是什么? XML指可扩展标记语言(Extensible Markup Language) 1.  XML是一种标记语言,类似HTML. 2.  XML具有自我描述性 3.  XML ...

  8. POJ1236 Network of Schools (强连通分量,注意边界)

    A number of schools are connected to a computer network. Agreements have been developed among those ...

  9. c++之cin/cin.get/cin.getline()详解

    C++输入过程中,是把输入加载到缓冲区中,然后对缓冲区中的字符进行读取.cin,cin,get(),cin.getline()三个函数虽然都能进行数据读取,但是它们对缓冲区内数据的处理方法是不同的(如 ...

  10. bzoj 4260 Codechef REBXOR——trie树

    题目:https://www.lydsy.com/JudgeOnline/problem.php?id=4260 一段的异或和就是两个前缀的异或和.正反扫两边,用trie树算每个位置为左/右端点时最大 ...