O'Reilly logo

Network Programming with Rust by Abhishek Chanda

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Securing the web

In a previous chapter, we studied HTTP. We noted how important it has been in making our lives easier. However, HTTP is vulnerable to a range of attacks that might result in leaking the payload. Thus, it was necessary to add some form of security between parties using HTTP to communicate. RFC 2818 proposed HTTPS (HTTP Secure) as a version of HTTP that uses a secure streaming protocol underneath. Initially, this was Secure Socket Layer (SSL), and later evolved into Transport Layer Security (TLS).

The basic scheme of things goes like this:

  • The Client and Server establish a TCP connection.
  • The Client and Server agree upon a cipher and hash function to use throughout the connection. For this, the client sends a list of ciphers ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required