SSL 安全
Terms
- Digest: main content’s hash result
- Signature: a encrypted digest by private key
- Certification: contain public key, meta info and all above’s CA signature
- Passphrase: symmetric password
- Recipient: public key
- Identity: private key
Features
传递密码:通过公钥传递密码 ( Browser send symmetric secret key to server, it’s not only efficiency concern, but also one pair of asymmetrical key can only take encrypt effect at one way )
验证身份:能解密就能确认对方身份,因为当前公钥的 pair 只有一个人/组织会有。并且只存在解密成功与否,不存在解密结果是否正确
防止篡改:解出 digest 后,和主体内容的 hash 比较,如果不一致,就是被篡改了