May 2022
Beginner to intermediate
756 pages
21h 30m
Korean
book
HTTP 완벽 가이드
by David Gourlry, Brian Totty, Lee Eung Jun, Sang -Il Jeong, Anshu Agarwal, Seilu Reddy, Marjorie Sayre
Content preview from HTTP 완벽 가이드
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
338
HTTP
3
부 식별, 인가, 보안
13.2
요약 계산
다이제스트 인증의 핵심은 공개된 정보, 비밀 정보, 시한부 난스 값을 조합한 단방
향 요약이다. 이제 요약이 어떻게 계산되는지 알아보자. 일반적으로 요약 계산은
간단하다.
10
부록 F에 샘플 소스 코드가 있다.
13.2.1
요약 알고리즘 입력 데이터
요약은 다음의 세 요소로부터 계산된다.
· 단방향 해시 함수 H(d)와 요약 함수 KD(s,d). 여기서 s는 비밀(secret)을, d는 데이
터(data)를 의미한다.
· 비밀번호 등 보안 정보를 담고 있는 데이터 덩어리. A1이라 칭한다.
· 요청 메시지의 비밀이 아닌 속성을 담고 있는 데이터 덩어리. A2라 칭한다.
A1, A2 두 조각의 데이터는 요약을 생성하기 위해 H와 KD에 의해 처리된다.
13.2.2
H
(
d
)와
KD
(
s
,
d
) 알고리즘
다이제스트 인증은 여러 가지 요약 알고리즘을 선택할 수 있도록 지원한다. RFC
2617에서 제안된 두 알고리즘은 MD5와 MD5-sess(‘sess’는 세션을 뜻한다)이며, 만
약 알고리즘이 정해지지 않았다면 MD5가 기본값이다.
MD5와 MD5-sess 중 어느 것이 사용되더라도, H 함수는 데이터의 MD5를 계산하
고, KD 요약 함수는 콜론으로 연결된 비밀 데이터와 일반 데이터의 MD5를 계산한
다. 즉
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.