2006-11-15

2006-11-14

SSL Handshake Sequence

參考apache

Phase 1
Establish protocol version, session id, cipher suite, compression method
Exchange random values
01. => ClientHello
02. <= ServerHello

Phase 2
Optionally send server certificate and request client certificate
03. <= ServerCertificate
04. <= CertificateRequest
05. <= ServerHelloDone

Phase 3
Send client certificate response if requested
06. => ClientCertificate
07. => CertificateVerify

Phase 4
Change CipherSuite and finish handshake
08. => ChangeCipherSpec
09. => Finished
10. <= ChangeCipherSpec
11. <= Finished

2006-11-09

有關SSL and TLS

這幾天在翻SAML的東西,由於對於security的東西都不太熟悉,所以回頭看看SSL之類的資料

這邊找到一份舊資料有關製作SSL憑證作來參考 :-)

而想要認識SAML的人可以先參考這份overview