RFC 2818: HTTP Over TLS
RFC-Ref

TLS



... required security measures. SSL, and its successor TLS [RFC2246] were designed to provide channel-oriented security ...
... channel-oriented security. This document describes how to use HTTP over TLS. ...


... HTTP Over TLS ...
... Conceptually, HTTP/TLS is very simple. Simply use HTTP over TLS ...
... HTTP/TLS is very simple. Simply use HTTP over TLS precisely as you would use HTTP over TCP ...
... The agent acting as the HTTP client should also act as the TLS client. It should initiate a connection ...
... connection to the server on the appropriate port and then send the TLS ClientHello to begin the TLS handshake ...
... appropriate port and then send the TLS ClientHello to begin the TLS handshake. When the TLS ...
... TLS handshake. When the TLS handshake has finished. The client may then ...
... initiate the first HTTP request. All HTTP data MUST be sent as TLS "application data". Normal HTTP ...
... TLS provides a facility for secure connection closure. When a valid ...
... closure alert is received, an implementation can be assured that no further data will be received on that connection. TLS implementations MUST initiate an exchange of closure alerts before closing a connection ...
... closure alerts before closing a connection. A TLS implementation MAY, after sending a closure alert, close the connection ...
... security of the data already received, but simply indicates that subsequent data might have been truncated. Because TLS is oblivious to HTTP request/response boundaries, it is necessary to examine the HTTP data ...
... Content-Length header closed before all data has been read. Because TLS does not provide document oriented protection, it is impossible to determine whether the server has miscomputed the Content-Length ...
... A client detecting an incomplete close SHOULD recover gracefully. It MAY resume a TLS session closed in this fashion. ...
... since the client can often determine when the end of server data is. Servers SHOULD be willing to resume TLS sessions closed in this fashion. ...
... HTTP server expects to receive from the client is the Request-Line production. The first data that a TLS server (and hence an HTTP/TLS ...
... TLS server (and hence an HTTP/TLS server) expects to receive is the ClientHello. Consequently, common practice has been to run HTTP/TLS ...
... TLS server) expects to receive is the ClientHello. Consequently, common practice has been to run HTTP/TLS over a separate port in order to distinguish which protocol is being used. ...
... separate port in order to distinguish which protocol is being used. When HTTP/TLS is being run over a TCP/IP connection, the default port ...
... port is 443. This does not preclude HTTP/TLS from being run over another transport. TLS ...
... TLS from being run over another transport. TLS only presumes a reliable connection-oriented data stream. ...
... HTTP/TLS is differentiated from HTTP URIs by using the 'https' ...
... example URI specifying HTTP/TLS is: ...


... In general, HTTP/TLS requests are generated by dereferencing a URI. ...
... HTML page which was itself obtained without using HTTP/TLS, a man in the middle could have replaced the URI ...
... server has such knowledge (typically from some source external to HTTP or TLS) it SHOULD check the identity as described above. ...


... Dierks, T. and C. Allen, "The TLS Protocol", RFC 2246prop(-> 4346prop), January 1999. ...
... Khare, R. and S. Lawrence, "Upgrading to TLS Within HTTP/1.1", RFC 2817, May 2000. ...


