home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Chip 2004 November
/
CMCD1104.ISO
/
Software
/
Complet
/
Apache
/
apache_2.0.52-win32-x86-no_ssl.msi
/
Data.Cab
/
F278560_ssl_intro.xml.ja
< prev
next >
Wrap
Extensible Markup Language
|
2004-09-06
|
32KB
|
723 lines
<?xml version='1.0' encoding='iso-2022-jp' ?>
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
<!-- English Revision: 1.3.2.7 -->
<!--
Copyright 2003-2004 The Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<manualpage metafile="ssl_intro.xml.meta">
<parentdocument href="./">SSL/TLS</parentdocument>
<title>SSL/TLS $B0E9f2=(B: $B$O$8$a$K(B</title>
<summary>
<blockquote>
<p>$BI8=`5,3J$NNI$$=j$O!"$?$/$5$s$N5,3J$+$iA*$Y$k$H$$$&$3$H$@!#(B
$B$=$7$F!"$b$7K\Ev$K$I$N5,3J$b5$$KF~$i$J$1$l$P!"(B
$B0lG/BT$D$@$1$GC5$7$F$$$?5,3J$,8=$l$k!#(B</p>
<p class="cite">-- <cite>A. Tanenbaum</cite>, "Introduction to
Computer Networks"</p>
</blockquote>
<p>
$BF~Lg$H$$$&$3$H$G!"$3$N>O$O(B Web$B!"(BHTTP$B!"(BApache $B$KDL$8$F$$$k(B
$BFI<T8~$1$G$9$,!"%;%-%e%j%F%#@lLg2H8~$1$G$O$"$j$^$;$s!#(B
SSL $B%W%m%H%3%k$N7hDjE*$J<j0z$-$G$"$k$D$b$j$O$"$j$^$;$s!#(B
$B$^$?!"AH?%Fb$NG'>Z4IM}$N$?$a$NFCDj$N%F%/%K%C%/$d!"(B
$BFC5v$dM"=P5,@)$J$I$N=EMW$JK!E*$JLdBj$K$D$$$F$b07$$$^$;$s!#(B
$B$`$7$m!"99$J$k8&5f$X$N=PH/E@$H$7$F?'!9$J35G0!"Dj5A!"Nc$rJB$Y$k$3$H$G(B
mod_ssl $B$N%f!<%6$K4pACCN<1$rDs6!$9$k;v$rL\E*$H$7$F$$$^$9!#(B</p>
<p>$B$3$3$K<($5$l$?FbMF$O<g$K!"86Cx<T$N5v2D$N2<(B
The Open Group Research Institute $B$N(B <a
href="http://home.earthlink.net/~fjhirsch/">Frederick J. Hirsch</a>
$B;a$N5-;v(B <a
href="http://home.earthlink.net/~fjhirsch/Papers/wwwj/article.html">
Introducing SSL and Certificates using SSLeay</a> $B$r4p$K$7$F$$$^$9!#(B
$B;a$N5-;v$O(B <a
href="http://www.ora.com/catalog/wjsum97/">Web Security: A Matter of
Trust</a>, World Wide Web Journal, Volume 2, Issue 3, Summer 1997
$B$K7G:\$5$l$^$7$?!#(B
$B9NDjE*$J0U8+$O(B <a
href="mailto:hirsch@fjhirsch.com">Frederick Hirsch</a> $B;a(B
($B855-;v$NCx<T(B) $B$XA4$F$N6l>p$O(B <a
href="mailto:rse@engelschall.com">Ralf S. Engelschall</a> (
<module>mod_ssl</module> $B$N:n<T(B) $B$X$*4j$$$7$^$9!#(B
[$BLuCm(B: $BLu$K$D$$$F$O(B <a
href="mailto:apache-docs@ml.apache.or.jp">
Apache $B%I%-%e%a%s%HK]Lu%W%m%8%'%/%H(B</a>
$B$X$*4j$$$7$^$9!#(B]</p>
</summary>
<section id="cryptographictech">
<title>$B0E9f2=5;=Q(B</title>
<p>SSL $B$rM}2r$9$k$K$O!"0E9f%"%k%4%j%:%`!"(B
$B%a%C%;!<%8%@%$%8%'%9%H4X?t(B($BJLL>(B: $B0lJ}8~4X?t!"%O%C%7%e4X?t(B)$B!"(B
$BEE;R=pL>$J$I$X$NM}2r$,I,MW$G$9!#(B
$B$3$l$i$N5;=Q$OK\$,4]$4$HI,MW$JBjL\$G(B
($BNc$($P(B [<a href="#AC96">AC96</a>] $B$r;2>H(B)$B!"(B
$B%W%i%$%P%7!<!"?.MQ!"G'>Z$J$I$N5;=Q$N4pAC$H$J$C$F$$$^$9!#(B</p>
<section id="cryptographicalgo">
<title>$B0E9f%"%k%4%j%:%`(B</title>
<p>$BNc$($P!"%"%j%9$,Aw6b$N$?$a$K6d9T$K%a%C%;!<%8$rAw$j$?$$$H$7$^$9!#(B
$B8}:BHV9f$dAw6b$N6b3[$,4^$^$l$k$?$a!"(B
$B%"%j%9$O$=$N%a%C%;!<%8$rHkL)$K$7$?$$$H;W$$$^$9!#(B
$B2r7hJ}K!$N0l$D$O0E9f%"%k%4%j%:%`$r;H$C$F!"%a%C%;!<%8$r(B
$BFI$^$;$?$$?M0J30$OFI$`$3$H$,$G$-$J$$0E9f2=$5$l$?(B
$B7ABV$KJQ$($F$7$^$&$3$H$G$9!#(B
$B$=$N7ABV$K$J$k$H!"(B
$B%a%C%;!<%8$OHkL)$N80$K$h$C$F$N$_2r<a$9$k$3$H$,$G$-$^$9!#(B
$B80$J$7$G$O!"%a%C%;!<%8$OLr$KN)$A$^$;$s!#(B
$BNI$$0E9f%"%k%4%j%:%`$O!"?/F~<T$,85$N%F%-%9%H$r2rFI$9$k$3$H$r(B
$BHs>o$KFq$7$/$9$k$?$a!"EXNO$,3d$K9g$o$J$/$5$;$^$9!#(B</p>
<p>$B0E9f%"%k%4%j%:%`$K$O(B
$B=>Mh7?$H8x3+80$NFs$D$N<oN`$,$"$j$^$9!#(B</p>
<dl>
<dt>$B=>Mh7?0E9f(B</dt>
<dd>$BBP>N0E9f$H$7$F$bCN$i$l!"(B
$BAw?.<T$H<u?.<T$,80$r6&M-$9$k$3$H$,I,MW$G$9!#(B
$B80$H$O!"%a%C%;!<%8$r0E9f2=$7$?$jI|9f$9$k$N$K;H$o$l$kHkL)(B
$B$N>pJs$N$3$H$G$9!#(B
$B$b$7!"$3$N80$,HkL)$J$i!"Aw?.<T$H<u?.<T0J30$OC/$b%a%C%;!<%8$rFI(B
$B$`$3$H$,$G$-$^$;$s!#(B
$B$b$7$b!"%"%j%9$H6d9T$,HkL)$N80$rCN$C$F$$$k$J$i!"(B
$BH`$i$O$*8_$$$KHkL)$N%a%C%;!<%8$rAw$k$3$H$,$G$-$k$G$7$g$&!#(B
$B$?$@$7!";vA0$KFbL)$K80$rA*$V$H$$$&;E;v$OLdBj$r4^$s$G$$$^$9!#(B</dd>
<dt>$B8x3+800E9f(B</dt>
<dd>$BHsBP>N0E9f$H$7$F$bCN$i$l!"(B
$B%a%C%;!<%8$r0E9f2=$9$k$3$H$N$G$-$kFs$D$N80(B
$B$r;HMQ$9$k%"%k%4%j%:%`$rDj5A$9$k$3$H$G80$N$d$j<h$j$NLdBj$r2r7h(B
$B$7$^$9!#(B
$B$b$7!"$"$k80$,0E9f2=$K;H$o$l$?$J$i!"(B
$B$b$&JRJ}$N80$GI|9f$7$J$1$l$P$$$1$^$;$s!#(B
$B$3$NJ}<0$K$h$C$F!"0l$D$N80$r8xI=$7$F(B($B8x3+80(B)$B!"(B
$B$b$&JRJ}$rHkL)$K$7$F$*$/(B($BHkL)80(B)$B$@$1$G!"(B
$B0BA4$J%a%C%;!<%8$r<u$1<h$k$3$H$,$G$-$^$9!#(B</dd>
</dl>
<p>$BC/$b$,0E9f2=$5$l$?%a%C%;!<%8$r8x3+80$K$h$C$F0E9f2=(B
$B$9$k$3$H$,$G$-$^$9$,!"HkL)80$N;}$A<g$@$1$,$=$l$rFI$`$3$H$,(B
$B$G$-$^$9!#(B
$B$3$NJ}K!$G!"6d9T$N8x3+80$r;H$C$F0E9f2=$9$k$3$H$G!"(B
$B%"%j%9$OHkL)$N%a%C%;!<%8$rAw$k$3$H$,$G$-$^$9!#(B
$B6d9T$N$_$,I|9f$9$k$3$H$,$G$-$^$9!#(B</p>
</section>
<section id="messagedigests">
<title>$B%a%C%;!<%8%@%$%8%'%9%H(B</title>
<p>$B%"%j%9$O%a%C%;!<%8$rHkL)$K$9$k$3$H$,$G$-$^$9$,!"(B
$BC/$+$,Nc$($P<+J,$KAw6b$9$k$h$&$K%a%C%;!<%8$rJQ99$7$?$j!"(B
$BJL$N$b$N$KCV$-49$($F$7$^$&$+$b$7$l$J$$$H$$$&LdBj$,$"$j$^$9!#(B
$B%"%j%9$N%a%C%;!<%8$N?.MQ$rJ]>Z$9$kJ}K!$N0l$D$O!"(B
$B%a%C%;!<%8$N4J7i$J%@%$%8%'%9%H$r:n$C$F!"$=$l$b6d9T$KAw$k$H$$$&$b$N$G$9!#(B
$B%a%C%;!<%8$r<u$1<h$k$H6d9T$b%@%$%8%'%9%H$r:n@.$7!"(B
$B%"%j%9$,Aw$C$?$b$N$HHf$Y$^$9!#$b$70lCW$7$?$J$i!"(B
$B<u$1<h$C$?%a%C%;!<%8$OL5=}$@$H$$$&$3$H$K$J$j$^$9!#(B</p>
<p>$B$3$N$h$&$JMWLs$O(B<dfn>$B%a%C%;!<%8%@%$%8%'%9%H(B</dfn>$B!"(B
<em>$B0lJ}9T4X?t(B</em>$B!"$^$?$O(B<em>$B%O%C%7%e4X?t(B</em>$B$H8F$P$l$^$9!#(B
$B%a%C%;!<%8%@%$%8%'%9%H$OD9$$2DJQD9$N%a%C%;!<%8$+$i(B
$BC;$$8GDjD9$NI=8=$r:n$k$N$K;H$o$l$^$9!#(B
$B%@%$%8%'%9%H%"%k%4%j%:%`$O%a%C%;!<%8$+$i(B
$B0l0U$J%@%$%8%'%9%H$r@8@.$9$k$h$&$K:n$i$l$F$$$^$9!#(B
$B%a%C%;!<%8%@%$%8%'%9%H$O%@%$%8%'%9%H$+$i85$N%a%C%;!<%8$r(B
$BH=Dj$9$k$N$,$H$F$bFq$7$$$h$&$K$G$-$F$$$^$9!#(B
$B$^$?!"F1$8MWLs$r:n@.$9$kFs$D$N%a%C%;!<%8$rC5$9$N$OIT2DG=$G$9!#(B
$B$h$C$F!"F1$8MWLs$r;H$C$F%a%C%;!<%8$rCV$-49$($k$H$$$&(B
$B2DG=@-$rGS=|$7$F$$$^$9!#(B</p>
<p>$B%"%j%9$X$N$b$&0l$D$NLdBj$O!"$3$N%@%$%8%'%9%H$r0BA4$KAw$kJ}K!$rC5$9$3$H$G$9!#(B
$B$3$l$,$G$-$l$P!"%a%C%;!<%8$N?.MQ$,J]>Z$5$l$^$9!#(B
$B0l$D$NJ}K!$O$3$N%@%$%8%'%9%H$KEE;R=pL>$r4^$`$3$H$G$9!#(B</p>
</section>
<section id="digitalsignatures"><title>$BEE;R=pL>(B</title>
<p>$B%"%j%9$,6d9T$K%a%C%;!<%8$rAw$C$?$H$-!"6d9T$O!"(B
$B?/F~<T$,H`=w$K$J$j$9$^$7$FH`=w$N8}:B$X$N<h0z$r?=@A$7$F$$$J$$$+!"(B
$B%a%C%;!<%8$,K\Ev$KH`=w$+$i$N$b$N$+3N<B$KJ,$+$i$J$1$l$P$$$1$^$;$s!#(B
$B%"%j%9$K$h$C$F:n@.$5$l!"%a%C%;!<%8$K4^$^$l$?(B
<em>$BEE;R=pL>(B</em>$B$,$3$3$GLr$KN)$A$^$9!#(B</p>
<p>$BEE;R=pL>$O%a%C%;!<%8$N%@%$%8%'%9%H$d$=$NB>$N>pJs(B($B=hM}HV9f$J$I(B)$B$r(B
$BAw?.<T$NHkL)80$G0E9f2=$9$k$3$H$G:n$i$l$^$9!#(B
$BC/$b$,8x3+80$r;H$C$F=pL>$r(B<em>$BI|9f(B</em>$B$9$k$3$H$,$G$-$^$9$,!"(B
$B=pL><T$N$_$,HkL)80$rCN$C$F$$$^$9!#(B
$B$3$l$O!"H`$i$N$_$,=pL>$7$($?$3$H$r0UL#$7$^$9!#(B
$B%@%$%8%'%9%H$rEE;R=pL>$K4^$`$3$H$O!"(B
$B$=$N=pL>$,$=$N%a%C%;!<%8$N$_$KM-8z$G$"$k$3$H$r0UL#$7$^$9!#(B
$B$3$l$O!"C/$b%@%$%8%'%9%H$rJQ$($F=pL>$r$9$k$3$H$,$G$-$J$$$?$a!"(B
$B%a%C%;!<%8$N?.MQ$bJ]>Z$7$^$9!#(B</p>
<p>$B?/F~<T$,=pL>$rK5<u$7$F8eF|$K:FMxMQ$9$k$N$rKI$0$?$a(B
$BEE;R=pL>$K$O0l0U$J=hM}HV9f$,4^$^$l$^$9!#(B
$B$3$l$O!"%"%j%9$,$=$s$J%a%C%;!<%8$OAw$C$F$$$J$$$H8@$&:>5=(B
$B$+$i6d9T$r<i$j$^$9!#(B
$BH`=w$@$1$,=pL>$7$($?$+$i$G$9!#(B($BH]G'KI;_(B)</p>
</section>
</section>
<!-- /cryptographictech -->
<section id="certificates">
<title>$B>ZL@=q(B</title>
<p>$B%"%j%9$OHkL)$N%a%C%;!<%8$r6d9T$KAw$j!"(B
$B=pL>$r$7$F!"%a%C%;!<%8$N?.MQ$rJ]>Z$9$k$3$H$,$G$-$k$*$&$K$J$j$^$7$?$,!"(B
$BDL?.$7$F$$$kAj<j$,K\Ev$K6d9T$J$N$+3N$+$a$J$/$F$O$$$1$^$;$s!#(B
$B$3$l$O!"H`=w$,;H$&8x3+80$,6d9T$NHkL)80$HBP$K$J$C$F$$$k$b$N$+!"(B
$BH`=w$O3N$+$a$J$/$F$O$$$1$J$$$H$$$&$3$H$r0UL#$7$^$9!#(B
$BF1MM$K!"6d9T$O%a%C%;!<%8$N=pL>$,K\Ev$K%"%j%9$N=pL>$+3NG'$9$kI,MW$,(B
$B$"$j$^$9!#(B</p>
<p>$B$b$7N><T$K?H85$r>ZL@$7!"8x3+80$r3NG'$7!"$^$??.Mj$5$l$?5!4X$,=pL>(B
$B$7$?>ZL@=q$,$"$l$P!"N><T$H$bDL?.Aj<j$K$D$$$F@5$7$$Aj<j$@$H(B
$B3N?.$9$k$3$H$,$G$-$^$9!#(B
$B$=$N$h$&$J?.Mj$5$l$?5!4X$O(B<em>$BG'>Z6I(B</em>
(Certificate Authority $B$^$?$O(B CA) $B$H8F$P$l!"(B
$B>ZL@=q(B (certificate) $B$,G'>Z(B (authentication) $B$K;H$o$l$^$9!#(B</p>
<section id="certificatecontents">
<title>$B>ZL@=q$NFbMF(B</title>
<p>$B>ZL@=q$O8x3+80$H8D?M!"%5!<%P!"$=$NB>$N<gBN$N<B:_$N?H85$r(B
$B4XO"IU$1$^$9!#(B
<a href="#table1">$BI=(B1</a>$B$K<($5$l$k$h$&$K>ZL@BP>]$N>pJs$O(B
$B?H85>ZL@$N>pJs(B($B<1JLL>(B)$B$H8x3+80$,4^$^$l$^$9!#(B
$B>ZL@=q$O$^$?!"G'>Z6I$N?H85>ZL@$H=pL>!"$=$7$F>ZL@=q$NM-8z4|4V$r(B
$B4^$_$^$9!#(B
$B%7%j%"%k%J%s%P!<$J$I$NG'>Z6I$N4IM}>e$N>pJs$d(B
$B$=$NB>$NDI2C$N>pJs$,4^$^$l$F$$$k$+$b$7$l$^$;$s!#(B</p>
<section id="table1">
<title>$BI=(B1: $B>ZL@=q>pJs(B</title>
<table>
<columnspec><column width=".35"/><column width=".35"/>
</columnspec>
<tr><th>$B>ZL@BP>](B</th>
<td>$B<1JLL>!"8x3+80(B</td></tr>
<tr><th>$BH/9T<T(B</th>
<td>$B<1JLL>!"8x3+80(B</td></tr>
<tr><th>$BM-8z4|4V(B</th>
<td>$B3+;OF|!"<:8zF|(B</td></tr>
<tr><th>$B4IM}>pJs(B</th>
<td>$B%P!<%8%g%s!"%7%j%"%k%J%s%P!<(B</td></tr>
<tr><th>$B3HD%>pJs(B</th>
<td>$B4pK\E*$J@)Ls!"%M%C%H%9%1!<%W%U%i%C%0!"$=$NB>(B</td></tr>
</table>
</section>
<p>$B<1JLL>(B($B%G%#%9%F%#%s%0%$%C%7%e!&%M!<%`(B)$B$OFCDj$N>u67$K$*$1$k(B
$B?HJ,>ZL@$rDs6!$9$k$N$K;H$o$l$F$$$^$9!#Nc$($P!"$"$k?M$O(B
$B;dMQ$H2q<R$H$GJL!9$N?HJ,>ZL@$r;}$D$+$b$7$l$^$;$s!#(B
$B<1JLL>$O(B X.509 $BI8=`5,3J(B [<a
href="#X509">X509</a>] $B$GDj5A$5$l$F$$$^$9!#(B
X.509 $BI8=`5,3J$O!"9`L\!"9`L\L>!"$=$7$F9`L\$NN,>N$rDj5A$7$F$$$^$9!#(B(<a href="#table2">$BI=(B
2</a> $B;2>H(B)</p>
<section id="table2">
<title>$BI=(B 2: $B<1JLL>>pJs(B</title>
<table border="1">
<columnspec><column width=".25"/><column width=".15"/>
<column width=".3"/><column width=".25"/></columnspec>
<tr><th>$B<1JLL>9`L\(B</th>
<th>$BN,>N(B</th>
<th>$B@bL@(B</th>
<th>$BNc(B</th></tr>
<tr><td>Common Name ($B%3%b%s%M!<%`(B)</td>
<td>CN</td>
<td>$BG'>Z$5$l$kL>A0(B<br />
SSL$B@\B3$9$k(BURL</td>
<td>CN=www.example.com</td></tr>
<tr><td>Organization or Company ($BAH?%L>(B)</td>
<td>O</td>
<td>$BCDBN$N@5<01Q8lAH?%L>(B</td>
<td>O=Example Japan K.K.</td></tr>
<tr><td>Organizational Unit ($BItLgL>(B)</td>
<td>OU</td>
<td>$BIt=pL>$J$I(B</td>
<td>OU=Customer Service</td></tr>
<tr><td>City/Locality ($B;T6hD.B<(B)</td>
<td>L</td>
<td>$B=j:_$7$F$k;T6hD.B<(B</td>
<td>L=Sapporo</td></tr>
<tr><td>State/Province ($BETF;I\8)(B)</td>
<td>ST</td>
<td>$B=j:_$7$F$kETF;I\8)(B</td>
<td>ST=Hokkaido</td></tr>
<tr><td>Country($B9q(B)</td>
<td>C</td>
<td>$B=j:_$7$F$$$k9qL>$N(B ISO $B%3!<%I(B<br />
$BF|K\$N>l9g(B JP
</td>
<td>C=JP</td></tr>
</table>
</section>
<p>$BG'>Z6I$O$I$N9`L\$,>JN,2DG=$G$I$l$,I,?\$+$NJ}?K$rDj5A$9$k(B
$B$+$b$7$l$^$;$s!#9`L\$NFbMF$K$D$$$F$bG'>Z6I$d>ZL@=q$N%f!<%6$+$i$N(B
$BMW7o$,$"$k$+$b$7$l$^$;$s!#(B
$BNc$($P!"%M%C%H%9%1!<%W$N%V%i%&%6$O%5!<%P$N>ZL@=q$N(B
Common Name ($B%3%b%s%M!<%`(B)$B$,%5!<%P$N%I%a%$%sL>$N(B
<code>*.example.com</code>
$B$H$$$&$h$&$J%o%$%k%I%+!<%I$N%Q%?!<%s$K%^%C%A$9$k$3$H(B
$B$rMW5a$7$^$9!#(B</p>
<p>$B%P%$%J%j7A<0$N>ZL@=q$O(B ASN.1 $BI=5-K!(B
[<a href="#X208">X208</a>] [<a href="#PKCS">PKCS</a>] $B$G(B
$BDj5A$5$l$F$$$^$9!#(B
$B$3$NI=5-K!$OFbMF$r$I$N$h$&$K5-=R$9$k$+$rDj5A$7!"(B
$BId9f2=$N5,Dj$,$3$N>pJs$,$I$N$h$&$K%P%$%J%j7A<0$KJQ49$5$l$k$+$r(B
$BDj5A$7$^$9!#(B
$B>ZL@=q$N%P%$%J%jId9f2=$O(B Distinguished Encoding
Rules (DER) $B$GDj5A$5$l!"$=$l$O$h$j0lHLE*$J(B Basic Encoding Rules
(BER) $B$K4p$E$$$F$$$^$9!#(B
$B%P%$%J%j7A<0$r07$&$3$H$N$G$-$J$$Aw?.$G$O!"(B
$B%P%$%J%j7A<0$O(B Base64 $BId9f2=(B [<a href="#MIME">MIME</a>] $B$G(B
ASCII $B7A<0$KJQ49$5$l$k$3$H$,$"$j$^$9!#(B
$B$3$N$h$&$KId9f2=$5$l!"0J2<$NNc$K<($5$l$k$h$&$K6h@Z$j9T$K(B
$B64$^$l$?$b$N$O(B PEM $BId9f2=$5$l$?$H8@$$$^$9!#(B
(PEM $B$NL>A0$O(B "Privacy Enhanced Mail" $B$KM3Mh$7$^$9(B)</p>
<example>
<title>PEM $BId9f2=$5$l$?>ZL@=q$NNc(B (example.crt)</title>
<pre>-----BEGIN CERTIFICATE-----
MIIC7jCCAlegAwIBAgIBATANBgkqhkiG9w0BAQQFADCBqTELMAkGA1UEBhMCWFkx
FTATBgNVBAgTDFNuYWtlIERlc2VydDETMBEGA1UEBxMKU25ha2UgVG93bjEXMBUG
A1UEChMOU25ha2UgT2lsLCBMdGQxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhv
cml0eTEVMBMGA1UEAxMMU25ha2UgT2lsIENBMR4wHAYJKoZIhvcNAQkBFg9jYUBz
bmFrZW9pbC5kb20wHhcNOTgxMDIxMDg1ODM2WhcNOTkxMDIxMDg1ODM2WjCBpzEL
MAkGA1UEBhMCWFkxFTATBgNVBAgTDFNuYWtlIERlc2VydDETMBEGA1UEBxMKU25h
a2UgVG93bjEXMBUGA1UEChMOU25ha2UgT2lsLCBMdGQxFzAVBgNVBAsTDldlYnNl
cnZlciBUZWFtMRkwFwYDVQQDExB3d3cuc25ha2VvaWwuZG9tMR8wHQYJKoZIhvcN
AQkBFhB3d3dAc25ha2VvaWwuZG9tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
gQDH9Ge/s2zcH+da+rPTx/DPRp3xGjHZ4GG6pCmvADIEtBtKBFAcZ64n+Dy7Np8b
vKR+yy5DGQiijsH1D/j8HlGE+q4TZ8OFk7BNBFazHxFbYI4OKMiCxdKzdif1yfaa
lWoANFlAzlSdbxeGVHoT0K+gT5w3UxwZKv2DLbCTzLZyPwIDAQABoyYwJDAPBgNV
HRMECDAGAQH/AgEAMBEGCWCGSAGG+EIBAQQEAwIAQDANBgkqhkiG9w0BAQQFAAOB
gQAZUIHAL4D09oE6Lv2k56Gp38OBDuILvwLg1v1KL8mQR+KFjghCrtpqaztZqcDt
2q2QoyulCgSzHbEGmi0EsdkPfg6mp0penssIFePYNI+/8u9HT4LuKMJX15hxBam7
dUHzICxBVC1lnHyYGjDuAMhe396lYAn8bCld1/L4NMGBCQ==
-----END CERTIFICATE-----</pre>
</example>
</section>
<section id="certificateauthorities">
<title>$BG'>Z6I(B</title>
<p>$B$^$:>ZL@=q$N?=@A$N>pJs$r3NG'$9$k$3$H$G!"(B
$BG'>Z6I$OHkL)80$N;}$A<g$N?H85$rJ]>Z$7$^$9!#(B
$BNc$($P!"%"%j%9$,8D?M>ZL@=q$r?=@A$7$?$H$9$k$H!"(B
$BG'>Z6I$O%"%j%9$,>ZL@=q$N?=@A$,<gD%$9$kDL$j$N(B
$B?MJ*$@$H$$$&$3$H$r3NG'$7$J$/$F$O$$$1$^$;$s!#(B</p>
<section id="certificatechains">
<title>$B>ZL@=q3,AX9=B$(B</title>
<p>$BG'>Z6I$OB>$NG'>Z6I$X$N>ZL@=q$rH/9T$9$k$3$H$,$G$-$^$9!#(B
$BL$CN$N>ZL@=q$rD4$Y$k;~$K!"%"%j%9$O$=$N>ZL@=q$NH/9T<T(B
$B$K<+?.$,;}$F$k$^$G!"H/9T<T$N>ZL@=q$r(B
$B$=$N>e0L3,AX$NG'>Z6I$r$?$I$C$FD4$Y$kI,MW$,$"$j$^$9!#(B
$B!V0-<A$J!W>ZL@=q$N4m81@-$r8:$i$9$?$a!"(B
$BH`=w$O8B$i$l$?O":?$NH/9T<T$N$_?.Mj$9$k$h$&$K(B
$B7h$a$k$3$H$b$G$-$^$9!#(B</p>
</section>
<section id="rootlevelca">
<title>$B:G>e0LG'>Z6I$N:n@.(B</title>
<p>$BA0$K=R$Y$?$h$&$K!"A4$F$N>ZL@=q$K$D$$$F!"(B
$B:G>e0L$NG'>Z6I(B(CA)$B$^$G$=$l$>$l$NH/9T<T$,(B
$BBP>]$N?H85>ZL@$NM-8z@-$rL@$i$+$K$9$kI,MW$,$"$j$^$9!#(B
$BLdBj$O!"C/$,$=$N:G>e0L$NG'>Z5!4X$N>ZL@=q$rJ]>Z$9$k$N$+!"(B
$B$H$$$&$3$H$G$9!#(B
$B$3$N$h$&$J>l9g$K8B$j!">ZL@=q$O!V<+8J=pL>!W$5$l$^$9!#(B
$B$D$^$j!">ZL@=q$NH/9T<T$H>ZL@BP>]$,F1$8$H$$$&$3$H$K$J$j$^$9!#(B
$B$=$N7k2L!"<+8J=pL>$5$l$?>ZL@=q$r?.MQ$9$k$K$O(B
$B:Y?4$NCm0U$,I,MW$G$9!#(B
$B:G>e0LG'>Z6I$,8x3+80$r9-$/8xI=$9$k$3$H$G!"(B
$B$=$N80$r?.Mj$9$k%j%9%/$rDc$/$9$k$3$H$,$G$-$^$9!#(B
$B$b$7!"B>?M$,$=$NG'>Z6I$K$J$j$9$^$7$?;~$K!"$=$l$,O*8+$7$d(B
$B$9$$$+$i$G$9!#(B
$BB?$/$N%V%i%&%6$OM-L>$JG'>Z6I$r?.Mj$9$k$h$&$K(B
$B@_Dj$5$l$F$$$^$9!#(B</p>
<p><a href="http://www.thawte.com/">Thawte</a>
$B$d(B <a href="http://www.verisign.com/">VeriSign</a>
$B$N$h$&$JB?$/$N2q<R$,G'>Z6I$H$7$F3+@_$7$^$7$?!#(B
$B$3$N$h$&$J2q<R$O0J2<$N%5!<%S%9$rDs6!$7$^$9(B:</p>
<ul>
<li>$B>ZL@=q?=@A$N3NG'(B</li>
<li>$B>ZL@=q?=@A$N=hM}(B</li>
<li>$B>ZL@=q$NH/9T$H4IM}(B</li>
</ul>
<p>$B<+J,$GG'>Z6I$r:n$k$3$H$b2DG=$G$9!#(B
$B%$%s%?!<%M%C%H4D6-$G$O4m81$G$9$,!"(B
$B8D?M$d%5!<%P$N?H85>ZL@$,4JC1$K9T$($kAH?%$N(B
$B%$%s%H%i%M%C%HFb$G$OLr$KN)$D$+$b$7$l$^$;$s!#(B</p>
</section>
<section id="certificatemanagement">
<title>$B>ZL@=q4IM}(B</title>
<p>$BG'>Z6I$N3+@_$OE0Dl$7$?4IM}!"5;=Q!"1?MQ$NBN@)$rI,MW$H$9$k(B
$B@UG$$N$"$k;E;v$G$9!#(B
$BG'>Z6I$O>ZL@=q$rH/9T$9$k$@$1$G$J$/!"(B
$B4IM}$b$7$J$1$l$P$J$j$^$;$s!#(B
$B6qBNE*$K$O!">ZL@=q$,$$$D$^$GM-8z$+$r7hDj$7!"99?7$7!"(B
$B$^$?4{$KH/9T$5$l$?$,<:8z$7$?>ZL@=q$N%j%9%H(B
(Certificate Revocation Lists $B$^$?$O(B CRL)
$B$r4IM}$7$J$1$l$P$$$1$^$;$s!#(B
$BNc$($P!"%"%j%9$,2q<R$+$i<R0w$H$7$F>ZL@=q$rM?$($i$l$?$H$7$^$9!#(B
$B$=$7$F!"%"%j%9$,2q<R$r<-$a$k$H$-$K$O>ZL@=q$r<h$j>C$5$J$1$l$P(B
$B$$$1$J$$$H$7$^$9!#(B
$B>ZL@=q$O<!!9$H?M$KEO$5$l$F$$$/$b$N$J$N$G!"(B
$B>ZL@=q$=$N$b$N$+$i!"$=$l$,<h$j>C$5$l$?$+H=CG$9$k$3$H$O(B
$BIT2DG=$G$9!#(B
$B$h$C$F!">ZL@=q$NM-8z@-$rD4$Y$k$H$-$K$O!"(B
$BG'>Z6I$KO"Mm$7$F(B CRL $B$r>H9g$9$kI,MW$,$"$j$^$9!#(B
$BIaDL$3$N2aDx$O<+F02=$5$l$F$$$k$b$N$G$O$"$j$^$;$s!#(B</p>
<note><title>$BCm0U(B</title>
<p>$B%G%U%)%k%H$G%V%i%&%6$K@_Dj$5$l$F$$$J$$G'>Z6I$r;H$C$?>l9g!"(B
$BG'>Z6I$N>ZL@=q$r%V%i%&%6$KFI$_9~$s$G!"(B
$B%V%i%&%6$,$=$NG'>Z6I$K$h$C$F=pL>$5$l$?%5!<%P$N>ZL@=q$r(B
$BM-8z2=$9$kI,MW$,$"$j$^$9!#(B
$B0lEYFI$_9~$^$l$k$H!"$=$NG'>Z6I$K$h$C$F=pL>$5$l$?A4$F$N(B
$B>ZL@=q$r<u$1F~$l$k$?$a!"4m81$rH<$$$^$9!#(B</p>
</note>
</section>
</section>
<!-- /certificateauthorities -->
</section>
<!-- /certificates -->
<section id="ssl">
<title>Secure Sockets Layer (SSL)</title>
<p>Secure Sockets Layer $B%W%m%H%3%k$O?.Mj@-$N$"$k%3%M%/%7%g%s7?$N(B
$B%M%C%H%o!<%/AX$N%W%m%H%3%k(B($BNc$($P!"(BTCP/IP)$B$H(B
$B%"%W%j%1!<%7%g%sAX$N%W%m%H%3%k(B($BNc$($P!"(BHTTP)
$B$N4V$KCV$/$3$H$,$G$-$^$9!#(B
SSL $B$O!"Aj8_G'>Z$K$h$C$F%5!<%P$H%/%i%$%"%s%H4V$N0BA4$JDL?.$r!"(B
$BEE;R=pL>$K$h$C$F%G!<%?$N40A4@-$r!"(B
$B$=$7$F0E9f2=$K$h$C$F%W%i%$%P%7$rDs6!$7$^$9!#(B</p>
<p>SSL $B%W%m%H%3%k$O0E9f2=!"%@%$%8%'%9%H!"EE;R=pL>$K$D$$$F!"(B
$BMM!9$J%"%k%4%j%:%`$r%5%]!<%H$9$k$h$&$K$G$-$F$$$^$9!#(B
$B$3$&$9$k$3$H$G!"K!$dM"=P$N5,@)$r9MN8$KF~$l$F!"%5!<%P$K9g$o$;$?(B
$B%"%k%4%j%:%`$rA*$V$3$H$,$G$-!"$^$?!"?7$7$$%"%k%4%j%:%`$r(B
$BMxMQ$7$F$$$/$3$H$b2DG=$K$7$F$$$^$9!#(B
$B%"%k%4%j%:%`$NA*Br$O%W%m%H%3%k%;%C%7%g%s3+;O;~$K(B
$B%5!<%P$H%/%i%$%"%s%H4V$G<h$j7h$a$i$l$^$9!#(B</p>
<section id="table4">
<title>$BI=(B4: SSL $B%W%m%H%3%k$N%P!<%8%g%s(B</title>
<table border="1">
<columnspec><column width=".15"/><column width=".2"/>
<column width=".30"/><column width=".25"/></columnspec>
<tr><th>$B%P!<%8%g%s(B</th>
<th>$B=PE5(B</th>
<th>$B@bL@(B</th>
<th>$B%V%i%&%6$N%5%]!<%H(B</th></tr>
<tr><td>SSL v2.0</td>
<td>Vendor Standard (Netscape Corp. $B$h$j(B) [<a href="#SSL2"
>SSL2</a>]</td>
<td>$B<BAu$,8=B8$9$k=i$a$F$N(B SSL $B%W%m%H%3%k(B</td>
<td>- NS Navigator 1.x/2.x<br />
- MS IE 3.x<br />
- Lynx/2.8+OpenSSL</td></tr>
<tr><td>SSL v3.0</td>
<td>Expired Internet Draft (Netscape Corp. $B$h$j(B) [<a href="#SSL3"
>SSL3</a>]</td>
<td>$BFCDj$N%;%-%e%j%F%#967b$rKI$0$?$a$N2~D{!"(B
$BHs(BRSA $B0E9f$NDI2C!">ZL@=q3,AX9=B$$N%5%]!<%H(B</td>
<td>- NS Navigator 2.x/3.x/4.x<br />
- MS IE 3.x/4.x<br />
- Lynx/2.8+OpenSSL</td></tr>
<tr><td>TLS v1.0</td>
<td>Proposed Internet Standard (IETF $B$h$j(B) [<a href="#TLS1"
>TLS1</a>]</td>
<td>MAC $B%l%$%d$r(B HMAC $B$X99?7!"%V%m%C%/0E9f$N(B block
padding$B!"%a%C%;!<%8=g=x$NI8=`2=!"7Y9pJ8$N=<<B$J$I$N$?$a(B
SSL 3.0 $B$r2~D{!#(B</td>
<td>- Lynx/2.8+OpenSSL</td></tr>
</table>
</section>
<p><a href="#table4">$BI=(B4</a>$B$K<($5$l$k$H$*$j!"(BSSL $B%W%m%H%3%k$K$O(B
$B$$$/$D$b$N%P!<%8%g%s$,$"$j$^$9!#(B
$BI=$K$b=q$+$l$F$$$k$h$&$K!"(BSSL 3.0 $B$NMxE@$N0l$D$O(B
$B>ZL@=q3,AX9=B$$r%5%]!<%H$9$k$3$H$G$9!#(B
$B$3$N5!G=$K$h$C$F!"%5!<%P$O<+J,$N>ZL@=q$K2C$($F!"(B
$BH/9T<T$N>ZL@=q$r%V%i%&%6$KEO$9$3$H$,$G$-$^$9!#(B
$B>ZL@=q3,AX9=B$$K$h$C$F!"(B
$B%V%i%&%6$KH/9T<T$N>ZL@=q$,D>@\EPO?$5$l$F$$$J$/$F$b!"(B
$B3,AX$NCf$K4^$^$l$F$$$l$P!"(B
$B%V%i%&%6$O%5!<%P$N>ZL@=q$rM-8z2=$9$k$3$H$,$G$-$^$9!#(B
SSL 3.0 $B$O8=:_(B Internet Engineering Task Force (IETF)
$B$K$h$C$F3+H/$5$l$F$$$k(B Transport Layer Security
[<a href="#TLS1">TLS</a>] $B%W%m%H%3%kI8=`5,3J$N4pAC$H$J$C$F$$$^$9!#(B</p>
<section id="session">
<title>$B%;%C%7%g%s$N3NN)(B</title>
<p><a href="#figure1">$B?^(B1</a>$B$G<($5$l$k$h$&$K!"(B
$B%;%C%7%g%s$N3NN)$O%/%i%$%"%s%H$H%5!<%P4V$N(B
$B%O%s%I%7%'!<%/%7!<%/%(%s%9$K$h$C$F9T$J$o$l$^$9!#(B
$B%5!<%P$,>ZL@=q$rDs6!$9$k$+!"%/%i%$%"%s%H$N>ZL@=q$r%j%/%(%9%H$9$k$+(B
$B$H$$$&%5!<%P$N@_Dj$K$h$j!"$3$N%7!<%/%(%s%9$O0[$J$k$b$N$H$J$j$^$9!#(B
$B0E9f>pJs$N4IM}$N$?$a$K!"DI2C$N%O%s%I%7%'!<%/2aDx$,I,MW$K$J$k(B
$B>l9g$b$"$j$^$9$,!"$3$N5-;v$G$O(B
$B$h$/$"$k%7%J%j%*$r<jC;$K@bL@$7$^$9!#(B
$BA4$F$N2DG=@-$K$D$$$O!"(BSSL $B;EMM=q$r;2>H$7$F$/$@$5$$!#(B</p>
<note><title>$BCm0U(B</title>
<p>$B0lEY(B SSL $B%;%C%7%g%s$,3NN)$9$k$H!"%;%C%7%g%s$r:FMxMQ$9$k$3$H$G!"(B
$B%;%C%7%g%s$r3+;O$9$k$?$a$NB?$/$N2aDx$r7+$jJV$9$H$$$&(B
$B%Q%U%)!<%^%s%9$NB;<:$rKI$.$^$9!#(B
$B$=$N$?$a!"%5!<%P$OA4$F$N%;%C%7%g%s$K0l0U$J%;%C%7%g%s<1JLL>$r(B
$B3d$jEv$F!"%5!<%P$K%-%c%C%7%e$7!"%/%i%$%"%s%H$O<!2s$+$i(B
($B<1JLL>$,%5!<%P$N%-%c%C%7%e$G4|8B@Z$l$K$J$k$^$G$O(B)
$B%O%s%I%7%'!<%/$J$7$G@\B3$9$k$3$H$,$G$-$^$9!#(B</p>
</note>
<p class="figure">
<img
src="ssl_intro_fig1.gif" alt="" width="423" height="327" /><br />
<a id="figure1" name="figure1"><dfn>$B?^(B1</dfn></a>: SSL
$B%O%s%I%7%'!<%/%7!<%/%(%s%935N,(B</p>
<p>$B%5!<%P$H%/%i%$%"%s%H$G;H$o$l$k(B
$B%O%s%I%7%'!<%/%7!<%/%(%s%9$NMWAG$r0J2<$K<($7$^$9(B:</p>
<ol>
<li>$B%G!<%?DL?.$K;H$o$l$k0E9f%9%$!<%H$N<h$j7h$a(B</li>
<li>$B%/%i%$%"%s%H$H%5!<%P4V$G$N%;%C%7%g%s80$N3NN)$H6&M-(B</li>
<li>$B%*%W%7%g%s$H$7$F!"%/%i%$%"%s%H$KBP$9$k%5!<%P$NG'>Z(B</li>
<li>$B%*%W%7%g%s$H$7$F!"%5!<%P$KBP$9$k%/%i%$%"%s%H$NG'>Z(B</li>
</ol>
<p>$BBh0l%9%F%C%W$N0E9f%9%$!<%H<h$j7h$a$K$h$C$F!"(B
$B%5!<%P$H%/%i%$%"%s%H$O$=$l$>$l$K$"$C$?(B
$B0E9f%9%$!<%H$rA*$V$3$H$,$G$-$^$9!#(B
SSL3.0 $B%W%m%H%3%k$N;EMM=q$O(B 31 $B$N0E9f%9%$!<%H$rDj5A$7$F$$$^$9!#(B
$B0E9f%9%$!<%H$O0J2<$N%3%s%]!<%M%s%H$K$h$jDj5A$5$l$F$$$^$9(B:</p>
<ul>
<li>$B80$N8r49<jCJ(B</li>
<li>$B%G!<%?DL?.$N0E9f=Q(B</li>
<li>Message Authentication Code (MAC) $B:n@.$N$?$a$N(B
$B%a%C%;!<%8%@%$%8%'%9%H(B</li>
</ul>
<p>$B$3$l$i$N;0$D$NMWAG$O0J2<$N%;%/%7%g%s$G@bL@$5$l$F$$$^$9!#(B</p>
</section>
<section id="keyexchange">
<title>$B80$N8r49<jCJ(B</title>
<p>$B80$N8r49<jCJ$O%"%W%j%1!<%7%g%s$N%G!<%?DL?.$K;H$o$l!"(B
$B6&M-$5$l$kBP>N0E9f80$r$I$N$h$&$K$,%/%i%$%"%s%H$H%5!<%P$G(B
$B<h$j7h$a$k$+$rDj5A$7$^$9!#(B
SSL 2.0 $B$O(B RSA $B808r49$7$+;H$$$^$;$s$,!"(B
SSL 3.0 $B$O>ZL@=q$,;H$o$l$k$H$-$O(B RSA $B808r49$r;H$$!"(B
$B>ZL@=q$,L5$/!"%/%i%$%"%s%H$H%5!<%P$N;vA0$NDL?.$,L5$$>l9g$O(B
Diffie-Hellman $B808r49$r;H$&(B
$B$J$IMM!9$J808r49%"%k%4%j%:%`$r%5%]!<%H$7$^$9!#(B</p>
<p>$B80$N8r49J}K!$K$*$1$k0l$D$NA*Br;h$OEE;R=pL>$G$9!#(B
$BEE;R=pL>$r;H$&$+$I$&$+!"$^$?!"(B
$B$I$N<oN`$N=pL>$r;H$&$+$H$$$&A*Br$,$"$j$^$9!#(B
$BHkL)80$G=pL>$9$k$3$H$G6&M-80$r@8@.$9$7!">pJs8r49$9$k;~$N(B
$B%^%s!&%$%s!&%6!&%_%I%k967b$rKI$0$3$H$,$G$-$^$9!#(B
[<a href="#AC96">AC96</a>, p516]</p>
</section>
<section id="ciphertransfer">
<title>$B%G!<%?DL?.$N0E9f=Q(B</title>
<p>SSL $B$O%;%C%7%g%s$N%a%C%;!<%8$N0E9f2=$KA0=R$7$?(B
$B=>Mh7?0E9f(B($BBP>N0E9f(B)$B$rMQ$$$^$9!#(B
$B0E9f2=$7$J$$$H$$$&A*Br;h$b4^$a6e$D$NA*Br;h$,$"$j$^$9(B:</p>
<ul>
<li>$B0E9f2=$J$7(B</li>
<li>$B%9%H%j!<%`0E9f(B
<ul>
<li>40-bit $B80$G$N(B RC4</li>
<li>128-bit $B80$G$N(B RC4</li>
</ul></li>
<li>CBC $B%V%m%C%/0E9f(B
<ul><li>40 bit $B80$G$N(B RC2</li>
<li>40 bit $B80$G$N(B DES</li>
<li>56 bit $B80$G$N(B DES</li>
<li>168 bit $B80$G$N(B Triple-DES</li>
<li>Idea (128 bit $B80(B)</li>
<li>Fortezza (96 bit $B80(B)</li>
</ul></li>
</ul>
<p>$B$3$3$G$N(B CBC $B$H$O0E9f%V%m%C%/O":?(B (Cipher Block Chaining)
$B$NN,$G!"0l$DA0$N0E9f2=$5$l$?0E9fJ8$N0lIt$,(B
$B%V%m%C%/$N0E9f2=$K;H$o$l$k$3$H$r0UL#$7$^$9!#(B
DES $B$O%G!<%?0E9f2=I8=`5,3J(B (Data Encryption Standard)
[<a href="#AC96">AC96</a>, ch12] $B$NN,$G!"(B
DES40 $B$d(B 3DES_EDE $B$r4^$`$$$/$D$b$N<oN`$,$"$j$^$9!#(B
Idea $B$O:G9b$J$b$N$N0l$D$G!"0E9f=QE*$K$O8=:_$"$kCf$G(B
$B:G$b6/NO$J$b$N$G$9!#(B
RC2 $B$O(B RSA DSI $B$K$h$kFH@jE*$J%"%k%4%j%:%`$G$9!#(B
[<a href="#AC96">AC96</a>,
ch13]</p>
</section>
<section id="digestfuntion">
<title>$B%@%$%8%'%9%H4X?t(B</title>
<p>
$B%@%$%8%'%9%H4X?t$NA*Br$O%l%3!<%I%f%K%C%H$+$i$I$N$h$&$K%@%$%8%'%9%H$,@8@.$5$l$k$+$r7hDj$7$^$9!#(B
SSL $B$O0J2<$r%5%]!<%H$7$^$9(B:</p>
<ul>
<li>$B%@%$%8%'%9%H$J$7(B</li>
<li>MD5 (128-bit $B%O%C%7%e(B)</li>
<li>Secure Hash Algorithm (SHA-1) (160-bit $B%O%C%7%e(B)</li>
</ul>
<p>$B%a%C%;!<%8%@%$%8%'%9%H$O(B Message Authentication Code (MAC)
$B$N@8@.$K;H$o$l!"%a%C%;!<%8$H6&$K0E9f2=$5$l!"%a%C%;!<%8$N?.MQ$r(B
$BDs6!$7!"%j%W%l%$967b$rKI$.$^$9!#(B</p>
</section>
<section id="handshake">
<title>$B%O%s%I%7%'!<%/%7!<%/%(%s%9%W%m%H%3%k(B</title>
<p>$B%O%s%I%7%'!<%/%7!<%/%(%s%9$O;0$D$N%W%m%H%3%k$r;H$$$^$9(B:</p>
<ul>
<li><dfn>SSL $B%O%s%I%7%'!<%/%W%m%H%3%k(B</dfn>$B$O(B
$B%/%i%$%"%s%H$H%5!<%P4V$G$N(B SSL $B%;%C%7%g%s$N3NN)$K;H$o$l$^$9!#(B</li>
<li><dfn>SSL $B0E9f;EMMJQ99%W%m%H%3%k(B</dfn>$B$O(B
$B%;%C%7%g%s$G$N0E9f%9%$!<%H$N<h$j7h$a$K;H$o$l$^$9!#(B</li>
<li><dfn>SSL $B7Y9p%W%m%H%3%k(B</dfn>$B$O(B
$B%/%i%$%"%s%H%5!<%P4V$G(B SSL $B%(%i!<$rEAC#$9$k$N$K;H$o$l$^$9!#(B</li>
</ul>
<p>$B;0$D$N%W%m%H%3%k$O!"%"%W%j%1!<%7%g%s%W%m%H%3%k%G!<%?$H$H$b$K!"(B
<a href="#figure2">$B?^(B2</a>$B$K<($9$H$*$j(B <dfn>SSL $B%l%3!<%I%W%m%H%3%k(B</dfn>
$B$G%+%W%;%k2=$5$l$^$9!#(B
$B%+%W%;%k2=$5$l$?%W%m%H%3%k$O%G!<%?$r8!::$7$J$$(B
$B2<AX$N%W%m%H%3%k$K$h$C$F%G!<%?$H$7$FEAC#$5$l$^$9!#(B
$B%+%W%;%k2=$5$l$?%W%m%H%3%k$O2<AX$N%W%m%H%3%k$K4X$7$F0l@Z4XCN$7$^$;$s!#(B</p>
<p class="figure">
<img src="ssl_intro_fig2.gif" alt="" width="428" height="217" /><br />
<a id="figure2" name="figure2"><dfn>$B?^(B2</dfn></a>: SSL $B%W%m%H%3%k%9%?%C%/(B
</p>
<p>
$B%l%3!<%I%W%m%H%3%k$K$h$k(B SSL $B%3%s%H%m!<%k%W%m%H%3%k$N%+%W%;%k2=$O!"(B
$B%"%/%F%#%V$J%;%C%7%g%s$NFs2sL\$NDL?.$,$"$C$?>l9g!"(B
$B%3%s%H%m!<%k%W%m%H%3%k$,0BA4$G$"$k$3$H$r0UL#$7$^$9!#(B
$B4{$K%;%C%7%g%s$,L5$$>l9g$O!"(BNull $B0E9f%9%$!<%H$,;H$o$l!"(B
$B0E9f2=$O9T$J$o$l$:!"%;%C%7%g%s$,3NN)$9$k$^$G$O(B
$B%@%$%8%'%9%H$bL5$$>uBV$H$J$j$^$9!#(B</p>
</section>
<section id="datatransfer">
<title>$B%G!<%?DL?.(B</title>
<p><a href="#figure3">$B?^(B3</a>$B$K<($5$l$k(B SSL $B%l%3!<%I%W%m%H%3%k(B
$B$O%/%i%$%"%s%H$H%5!<%P4V$N%"%W%j%1!<%7%g%s$d(B
SSL $B%3%s%H%m!<%k%G!<%?$NDL?.$K;H$o$l$^$9!#(B
$B$3$N%G!<%?$O$h$j>.$5$$%f%K%C%H$KJ,$1$i$l$?$j!"(B
$B$$$/$D$+$N9b5i%W%m%H%3%k$r$^$H$a$F0l%f%K%C%H$H$7$FDL?.$,(B
$B9T$J$o$l$k$3$H$b$"$j$^$9!#(B
$B%G!<%?$r05=L$7!"%@%$%8%'%9%H=pL>$rE:IU$7$F!"(B
$B$3$l$i$N%f%K%C%H$r0E9f2=$7$?$N$A!"%Y!<%9$H$J$C$F$$$k(B
$B?.Mj@-$N$"$k%H%i%s%9%]!<%H%W%m%H%3%k$rMQ$$$k$+$b$7$l$^$;$s!#(B
($BCm0U(B: $B8=:_%a%8%c!<$J(B SLL $B<BAu$G05=L$r%5%]!<%H$7$F$$$k$b$N$O$"$j$^$;$s(B)</p>
<p class="figure">
<img src="ssl_intro_fig3.gif" alt="" width="423" height="323" /><br />
<a id="figure3" name="figure3"><dfn>$B?^(B 3</dfn></a>: SSL $B%l%3!<%I%W%m%H%3%k(B
</p>
</section>
<section id="securehttp">
<title>HTTP $BDL?.$N0BA42=(B</title>
<p>$B$h$/$"$k(B SSL $B$N;H$$J}$O%V%i%&%6$H%&%'%V%5!<%P4V$N(B HTTP $BDL?.(B
$B$N0BA42=$G$9!#(B
$B$3$l$O!"=>Mh$N0BA4$G$O$J$$(B HTTP $B$N;HMQ$r=|30$9$k$b$N$G$O$"$j$^$;$s!#(B
$B0BA42=$5$l$?$b$N$O<g$K(B SSH $B>e$NIaDL$N(B HTTP $B$G!"(BHTTPS $B$H8F$P$l$^$9!#(B
$BBg$-$J0c$$$O!"(BURL $B%9%-!<%`$K(B <code>http</code> $B$NBe$o$j$K(B <code>https</code>
$B$rMQ$$!"%5!<%P$,JL$N%]!<%H$r;H$&$3$H$G$9(B ($B%G%U%)%k%H$G$O(B443)$B!#(B
$B$3$l$,<g$K(B <module
>mod_ssl</module> $B$,(B Apache $B%&%'%V%5!<%P$KDs6!$9$k5!G=$G$9!#(B</p>
</section>
</section>
<!-- /ssl -->
<section id="references">
<title>$B;29MJ88%(B</title>
<dl>
<dt><a id="AC96" name="AC96">[AC96]</a></dt>
<dd>Bruce Schneier, <q>Applied Cryptography</q>, 2nd Edition, Wiley,
1996. See <a href="http://www.counterpane.com/"
>http://www.counterpane.com/</a> for various other materials by Bruce
Schneier.</dd>
<dt><a id="X208" name="X208">[X208]</a></dt>
<dd>ITU-T Recommendation X.208, <q>Specification of Abstract Syntax Notation
One (ASN.1)</q>, 1988. See for instance <a
href="http://www.itu.int/rec/recommendation.asp?type=items&lang=e&parent=T-REC-X.208-198811-I"
>http://www.itu.int/rec/recommendation.asp?type=items&lang=e&parent=T-REC-X.208-198811-I</a>.
</dd>
<dt><a id="X509" name="X509">[X509]</a></dt>
<dd>ITU-T Recommendation X.509, <q>The Directory - Authentication
Framework</q>. See for instance <a
href="http://www.itu.int/rec/recommendation.asp?type=folders&lang=e&parent=T-REC-X.509"
>http://www.itu.int/rec/recommendation.asp?type=folders&lang=e&parent=T-REC-X.509</a>.
</dd>
<dt><a id="PKCS" name="PKCS">[PKCS]</a></dt>
<dd><q>Public Key Cryptography Standards (PKCS)</q>,
RSA Laboratories Technical Notes, See <a
href="http://www.rsasecurity.com/rsalabs/pkcs/"
>http://www.rsasecurity.com/rsalabs/pkcs/</a>.</dd>
<dt><a id="MIME" name="MIME">[MIME]</a></dt>
<dd>N. Freed, N. Borenstein, <q>Multipurpose Internet Mail Extensions
(MIME) Part One: Format of Internet Message Bodies</q>, RFC2045.
See for instance <a href="http://ietf.org/rfc/rfc2045.txt"
>http://ietf.org/rfc/rfc2045.txt</a>.</dd>
<dt><a id="SSL2" name="SSL2">[SSL2]</a></dt>
<dd>Kipp E.B. Hickman, <q>The SSL Protocol</q>, 1995. See <a
href="http://www.netscape.com/eng/security/SSL_2.html"
>http://www.netscape.com/eng/security/SSL_2.html</a>.</dd>
<dt><a id="SSL3" name="SSL3">[SSL3]</a></dt>
<dd>Alan O. Freier, Philip Karlton, Paul C. Kocher, <q>The SSL Protocol
Version 3.0</q>, 1996. See <a
href="http://www.netscape.com/eng/ssl3/draft302.txt"
>http://www.netscape.com/eng/ssl3/draft302.txt</a>.</dd>
<dt><a id="TLS1" name="TLS1">[TLS1]</a></dt>
<dd>Tim Dierks, Christopher Allen, <q>The TLS Protocol Version 1.0</q>,
1999. See <a href="http://ietf.org/rfc/rfc2246.txt"
>http://ietf.org/rfc/rfc2246.txt</a>.</dd>
</dl>
</section>
<!-- /references -->
</manualpage>
