<?xml version="1.0" encoding="EUC-JP"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="ja" xml:lang="ja"><head><!--
        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
              This file is generated from xml source: DO NOT EDIT
        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
      -->
<title>SSL/TLS Ź沽: Ϥ - Apache HTTP </title>
<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
<link href="../images/favicon.ico" rel="shortcut icon" /></head>
<body id="manual-page"><div id="page-header">
<p class="menu"><a href="../mod/">⥸塼</a> | <a href="../mod/directives.html">ǥ쥯ƥ</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Ѹ</a> | <a href="../sitemap.html">ȥޥå</a></p>
<p class="apache">Apache HTTP  С 2.2</p>
<img alt="" src="../images/feather.gif" /></div>
<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div>
<div id="path">
<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP </a> &gt; <a href="http://httpd.apache.org/docs/">ɥơ</a> &gt; <a href="../">С 2.2</a> &gt; <a href="./">SSL/TLS</a></div><div id="page-content"><div id="preamble"><h1>SSL/TLS Ź沽: Ϥ</h1>
<div class="toplang">
<p><span>Available Languages: </span><a href="../en/ssl/ssl_intro.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
<a href="../ja/ssl/ssl_intro.html" title="Japanese">&nbsp;ja&nbsp;</a></p>
</div>
<div class="outofdate">This translation may be out of date. Check the
            English version for recent changes.</div>

<blockquote>
<p>ɸ൬ʤɤϡεʤ٤ȤȤ
ơ⤷ˤɤεʤⵤʤС
ǯԤĤõƤʤ롣</p>

<p class="cite">-- <cite>A. Tanenbaum</cite>, "Introduction to
Computer Networks"</p>
</blockquote>

<p>
ȤȤǡξϤ WebHTTPApache ̤Ƥ
ɼԸǤƥȸǤϤޤ
SSL ץȥηŪʼǤĤϤޤ
ޤȿǧڴΤΥƥ˥å䡢
õ͢еʤɤνפˡŪˤĤƤⰷޤ
षʤ븦ؤνȯȤƿʳǰ¤٤뤳Ȥ
 mod_ssl Υ桼˴μ󶡤ŪȤƤޤ</p>

<p>˼줿ƤϼˡԤεĤβ
The Open Group Research Institute  <a href="http://home.earthlink.net/~fjhirsch/">Frederick J. Hirsch</a>
 ε <a href="http://home.earthlink.net/~fjhirsch/Papers/wwwj/article.html">
Introducing SSL and Certificates using SSLeay</a> ˤƤޤ
ε <a href="http://www.ora.com/catalog/wjsum97/">Web Security: A Matter of
Trust</a>, World Wide Web Journal, Volume 2, Issue 3, Summer 1997
˷Ǻܤޤ
Ūʰո <a href="mailto:hirsch@fjhirsch.com">Frederick Hirsch</a> 
 () Ƥζ <a href="mailto:rse@engelschall.com">Ralf S. Engelschall</a> (
<code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> κ) ؤꤤޤ
[: ˤĤƤ <a href="mailto:apache-docs@ml.apache.or.jp">
Apache ɥץ</a>
ؤꤤޤ]</p>
</div>
<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#cryptographictech">Ź沽</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#certificates"></a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#ssl">Secure Sockets Layer (SSL)</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#references">ʸ</a></li>
</ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="cryptographictech" id="cryptographictech">Ź沽</a></h2>

<p>SSL 򤹤ˤϡŹ楢르ꥺࡢ
åȴؿ(̾: ؿϥåؿ)
Żҽ̾ʤɤؤɬפǤ
εѤܤݤɬפܤ
(㤨 [<a href="#AC96">AC96</a>] 򻲾)
ץ饤ХѡǧڤʤɤεѤδäȤʤäƤޤ</p>

<h3><a name="cryptographicalgo" id="cryptographicalgo">Ź楢르ꥺ</a></h3>

    <p>㤨СꥹΤ˶Ԥ˥åꤿȤޤ
    ֹζۤޤޤ뤿ᡢ
    ꥹϤΥå̩ˤȻפޤ
    ˡΰĤϰŹ楢르ꥺȤäơå
    ɤޤͰʳɤळȤǤʤŹ沽줿
    ֤ѤƤޤȤǤ
    η֤ˤʤȡ
    å̩θˤäƤΤ߲᤹뤳ȤǤޤ
    ʤǤϡåΩޤ
    ɤŹ楢르ꥺϡԤΥƥȤɤ뤳Ȥ
    񤷤뤿ᡢϤ˹ʤޤ</p>

    <p>Ź楢르ꥺˤ
    跿ȸĤμबޤ</p>

    <dl>
    <dt>跿Ź</dt>
    <dd>оΰŹȤƤΤ졢
    ԤȼԤͭ뤳ȤɬפǤ
    ȤϡåŹ沽椹Τ˻Ȥ̩
    ξΤȤǤ
    ⤷θ̩ʤ顢Ԥȼ԰ʳïå
    ळȤǤޤ
    ⤷⡢ꥹȶԤ̩θΤäƤʤ顢
    Ϥߤ̩Υå뤳ȤǤǤ礦
    ̩˸֤ȤŻޤǤޤ</dd>

    <dt>Ź</dt>
    <dd>оΰŹȤƤΤ졢
    åŹ沽뤳ȤΤǤĤθ
    Ѥ륢르ꥺ뤳ȤǸΤ
    ޤ
    ⤷븰Ź沽˻Ȥ줿ʤ顢
    ⤦θ椷ʤФޤ
    ˤäơĤθɽ()
    ⤦̩ˤƤ(̩)ǡ
    ʥå뤳ȤǤޤ</dd>
    </dl>

    <p>ï⤬Ź沽줿åˤäưŹ沽
    뤳ȤǤޤ̩λɤळȤ
    Ǥޤ
    ˡǡԤθȤäưŹ沽뤳Ȥǡ
    ꥹ̩Υå뤳ȤǤޤ
    ԤΤߤ椹뤳ȤǤޤ</p>


<h3><a name="messagedigests" id="messagedigests">å</a></h3>

    <p>ꥹϥå̩ˤ뤳ȤǤޤ
    ï㤨мʬ⤹褦˥åѹꡢ
    ̤ΤΤ֤Ƥޤ⤷ʤȤ꤬ޤ
    ꥹΥåοѤݾڤˡΰĤϡ
    åδʷʥȤäơԤȤΤǤ
    åȶԤȤ
    ꥹäΤ٤ޤ⤷פʤ顢
    äå̵ȤȤˤʤޤ</p>

    <p>Τ褦<dfn>å</dfn>
    <em>Դؿ</em>ޤ<em>ϥåؿ</em>ȸƤФޤ
    åȤĹĹΥå
    ûĹɽΤ˻Ȥޤ
    ȥ르ꥺϥå
    դʥȤ褦˺Ƥޤ
    åȤϥȤ鸵Υå
    ȽꤹΤȤƤ񤷤褦ˤǤƤޤ
    ޤƱĤΥåõΤԲǽǤ
    äơƱȤäƥå֤Ȥ
    ǽӽƤޤ</p>

<p>ꥹؤΤ⤦ĤϡΥȤˡõȤǤ
줬ǤСåοѤݾڤޤ
ĤˡϤΥȤŻҽ̾ޤळȤǤ</p>


<h3><a name="digitalsignatures" id="digitalsignatures">Żҽ̾</a></h3>
<p>ꥹԤ˥åäȤԤϡ
Ԥˤʤꤹޤθ¤ؤμƤʤ
åΤΤμ¤ʬʤФޤ
ꥹˤäƺ졢å˴ޤޤ줿
<em>Żҽ̾</em>Ωޤ</p>

<p>Żҽ̾ϥåΥȤ䤽¾ξ(ֹʤ)
Ԥ̩ǰŹ沽뤳ȤǺޤ
ï⤬Ȥäƽ̾<em></em>뤳ȤǤޤ
̾ԤΤߤ̩ΤäƤޤ
ϡΤߤ̾Ȥ̣ޤ
ȤŻҽ̾˴ޤळȤϡ
ν̾ΥåΤߤͭǤ뤳Ȥ̣ޤ
ϡïȤѤƽ̾򤹤뤳ȤǤʤᡢ
åοѤݾڤޤ</p>

<p>Ԥ̾˵Ƹ˺ѤΤɤ
Żҽ̾ˤϰդʽֹ椬ޤޤޤ
ϡꥹʥåäƤʤȸ
Ԥޤ
̾Ǥ(ǧɻ)</p>

</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="certificates" id="certificates"></a></h2>

<p>ꥹ̩ΥåԤꡢ
̾򤷤ơåοѤݾڤ뤳ȤǤ뤪ˤʤޤ
̿Ƥ꤬˶ԤʤΤΤʤƤϤޤ
ϡȤԤ̩ФˤʤäƤΤ
ϳΤʤƤϤʤȤȤ̣ޤ
ƱͤˡԤϥåν̾˥ꥹν̾ǧɬפ
ޤ</p>

<p>⤷ξԤ˿ȸǧޤꤵ줿ؤ̾
񤬤СξԤȤ̿ˤĤ
ο뤳ȤǤޤ
Τ褦ʿꤵ줿ؤ<em>ǧڶ</em>
 (Certificate Authority ޤ CA) ȸƤФ졢
 (certificate) ǧ (authentication) ˻Ȥޤ</p>

<h3><a name="certificatecontents" id="certificatecontents"></a></h3>

    <p>ϸȸĿ͡С¾μΤμºߤοȸ
    Ϣդޤ
    <a href="#table1">ɽ1</a>˼褦˾оݤξ
    ȸξ(̾)ȸޤޤޤ
    ϤޤǧڶɤοȸȽ̾ƾ֤ͭ
    ޤߤޤ
    ꥢʥСʤɤǧڶɤδξ
    ¾ɲäξ󤬴ޤޤƤ뤫⤷ޤ</p>

    <h4><a name="table1" id="table1">ɽ1: </a></h4>
    
    <table>
    
    <tr><th>о</th>
        <td>̾</td></tr>
    <tr><th>ȯԼ</th>
        <td>̾</td></tr>
    <tr><th>ͭ</th>
        <td></td></tr>
    <tr><th></th>
        <td>С󡢥ꥢʥС</td></tr>
    <tr><th>ĥ</th>
        <td>Ū󡢥ͥåȥץեå¾</td></tr>
    </table>
    

    <p>̾(ǥƥ󥰥å塦͡)ξˤ
    ʬ󶡤Τ˻ȤƤޤ㤨Сͤ
    ѤȲҤȤ̡οʬĤ⤷ޤ
    
    ̾ X.509 ɸ൬ [<a href="#X509">X509</a>] Ƥޤ
    X.509 ɸ൬ʤϡܡ̾ƹܤάΤƤޤ(<a href="#table2">ɽ
    2</a> )</p>

    <h4><a name="table2" id="table2">ɽ 2: ̾</a></h4>
    
    <table class="bordered">
    
    <tr><th>̾</th>
        <th>ά</th>
        <th></th>
        <th></th></tr>
    <tr><td>Common Name (͡)</td>
        <td>CN</td>
        <td>ǧڤ̾<br />
        SSL³URL</td>
        <td>CN=www.example.com</td></tr>
    <tr><td>Organization or Company (ȿ̾)</td>
        <td>O</td>
        <td>ΤѸȿ̾</td>
        <td>O=Example Japan K.K.</td></tr>
    <tr><td>Organizational Unit (̾)</td>
        <td>OU</td>
        <td>̾ʤ</td>
        <td>OU=Customer Service</td></tr>
    <tr><td>City/Locality (ԶĮ¼)</td>
        <td>L</td>
        <td>ߤƤԶĮ¼</td>
        <td>L=Sapporo</td></tr>
    <tr><td>State/Province (ƻܸ)</td>
        <td>ST</td>
        <td>ߤƤƻܸ</td>
        <td>ST=Hokkaido</td></tr>
    <tr><td>Country()</td>
        <td>C</td>
        <td>ߤƤ̾ ISO <br />
        ܤξ JP
        </td>
        <td>C=JP</td></tr>
    </table>
    

    <p>ǧڶɤϤɤιܤάǽǤɤ줬ɬܤˤ
    ⤷ޤ󡣹ܤƤˤĤƤǧڶɤΥ桼
    ׷郎뤫⤷ޤ
    㤨СͥåȥפΥ֥饦ϥФξ
     Common Name (͡)ФΥɥᥤ̾
     <code>*.example.com</code> 
    Ȥ褦ʥ磻ɥɤΥѥ˥ޥå뤳
    ׵ᤷޤ</p>

    <p>Хʥξ ASN.1 ɽˡ
     [<a href="#X208">X208</a>] [<a href="#PKCS">PKCS</a>] 
    Ƥޤ
    ɽˡƤɤΤ褦˵Ҥ뤫
    沽ε꤬ξ󤬤ɤΤ褦˥ХʥѴ뤫
    ޤ
    ΥХʥ沽 Distinguished Encoding
    Rules (DER) 졢ϤŪ Basic Encoding Rules
    (BER) ˴ŤƤޤ
    Хʥ򰷤ȤΤǤʤǤϡ
    Хʥ Base64 沽 [<a href="#MIME">MIME</a>] 
    ASCII Ѵ뤳Ȥޤ
    Τ褦沽졢ʲ˼褦˶ڤԤ
    ޤ줿Τ PEM 沽줿ȸޤ
    (PEM ̾ "Privacy Enhanced Mail" ͳ褷ޤ)</p>

    <div class="example"><h3>PEM 沽줿 (example.crt)</h3><pre>-----BEGIN CERTIFICATE-----
MIIC7jCCAlegAwIBAgIBATANBgkqhkiG9w0BAQQFADCBqTELMAkGA1UEBhMCWFkx
FTATBgNVBAgTDFNuYWtlIERlc2VydDETMBEGA1UEBxMKU25ha2UgVG93bjEXMBUG
A1UEChMOU25ha2UgT2lsLCBMdGQxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhv
cml0eTEVMBMGA1UEAxMMU25ha2UgT2lsIENBMR4wHAYJKoZIhvcNAQkBFg9jYUBz
bmFrZW9pbC5kb20wHhcNOTgxMDIxMDg1ODM2WhcNOTkxMDIxMDg1ODM2WjCBpzEL
MAkGA1UEBhMCWFkxFTATBgNVBAgTDFNuYWtlIERlc2VydDETMBEGA1UEBxMKU25h
a2UgVG93bjEXMBUGA1UEChMOU25ha2UgT2lsLCBMdGQxFzAVBgNVBAsTDldlYnNl
cnZlciBUZWFtMRkwFwYDVQQDExB3d3cuc25ha2VvaWwuZG9tMR8wHQYJKoZIhvcN
AQkBFhB3d3dAc25ha2VvaWwuZG9tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
gQDH9Ge/s2zcH+da+rPTx/DPRp3xGjHZ4GG6pCmvADIEtBtKBFAcZ64n+Dy7Np8b
vKR+yy5DGQiijsH1D/j8HlGE+q4TZ8OFk7BNBFazHxFbYI4OKMiCxdKzdif1yfaa
lWoANFlAzlSdbxeGVHoT0K+gT5w3UxwZKv2DLbCTzLZyPwIDAQABoyYwJDAPBgNV
HRMECDAGAQH/AgEAMBEGCWCGSAGG+EIBAQQEAwIAQDANBgkqhkiG9w0BAQQFAAOB
gQAZUIHAL4D09oE6Lv2k56Gp38OBDuILvwLg1v1KL8mQR+KFjghCrtpqaztZqcDt
2q2QoyulCgSzHbEGmi0EsdkPfg6mp0penssIFePYNI+/8u9HT4LuKMJX15hxBam7
dUHzICxBVC1lnHyYGjDuAMhe396lYAn8bCld1/L4NMGBCQ==
-----END CERTIFICATE-----</pre></div>


<h3><a name="certificateauthorities" id="certificateauthorities">ǧڶ</a></h3>

    <p>ޤοξǧ뤳Ȥǡ
    ǧڶɤ̩λοȸݾڤޤ
    㤨СꥹĿ;Ȥȡ
    ǧڶɤϥꥹοĥ̤
    ʪȤȤǧʤƤϤޤ</p>

    <h4><a name="certificatechains" id="certificatechains">ع¤</a></h4>
    
        <p>ǧڶɤ¾ǧڶɤؤξȯԤ뤳ȤǤޤ
        ̤ΤξĴ٤ˡꥹϤξȯԼ
        ˼ƤޤǡȯԼԤξ
        ξ̳ؤǧڶɤ򤿤ɤäĴ٤ɬפޤ
        ְʡ׾δ򸺤餹ᡢ
        ϸ¤줿ϢȯԼԤΤ߿ꤹ褦
        뤳ȤǤޤ</p>
    

    <h4><a name="rootlevelca" id="rootlevelca">Ǿǧڶɤκ</a></h4>
    
        <p>˽Ҥ٤褦ˡƤξˤĤơ
        Ǿ̤ǧڶ(CA)ޤǤ줾ȯԼԤ
        оݤοȸͭ餫ˤɬפޤ
        ϡïκǾ̤ǧڵؤξݾڤΤ
        ȤȤǤ
        Τ褦ʾ˸¤ꡢϡּʽ̾פޤ
        ĤޤꡢȯԼԤȾоݤƱȤȤˤʤޤ
        η̡ʽ̾줿Ѥˤ
        ٿդɬפǤ
        Ǿǧڶɤ򹭤ɽ뤳Ȥǡ
        θꤹꥹ㤯뤳ȤǤޤ
        ⤷¾ͤǧڶɤˤʤꤹޤˡ줬Ϫ
        Ǥ
        ¿Υ֥饦ͭ̾ǧڶɤꤹ褦
        ꤵƤޤ</p>

        <p><a href="http://www.thawte.com/">Thawte</a> 
         <a href="http://www.verisign.com/">VeriSign</a> 
        Τ褦¿βҤǧڶɤȤƳߤޤ
        Τ褦ʲҤϰʲΥӥ󶡤ޤ:</p>

        <ul>
        <li>γǧ</li>
        <li>ν</li>
        <li>ȯԤȴ</li>
        </ul>

        <p>ʬǧڶɤ뤳ȤǽǤ
        󥿡ͥåȴĶǤϴǤ
        Ŀͤ䥵Фοȸñ˹Ԥȿ
        ȥͥåǤΩĤ⤷ޤ</p>
    

    <h4><a name="certificatemanagement" id="certificatemanagement"></a></h4>
    
        <p>ǧڶɤγߤŰ줷ѡѤɬפȤ
        ǤΤŻǤ
        ǧڶɤϾȯԤǤʤ
        ⤷ʤФʤޤ
        Ūˤϡ񤬤Ĥޤͭꤷ
        ޤȯԤ줿Υꥹ
        (Certificate Revocation Lists ޤ CRL)
        ʤФޤ
        㤨СꥹҤҰȤƾͿ줿Ȥޤ
        ơꥹҤ򼭤ȤˤϾäʤ
        ʤȤޤ
        ϼȿͤϤƤΤʤΤǡ
        񤽤ΤΤ顢줬ä줿ȽǤ뤳Ȥ
        ԲǽǤ
        äơͭĴ٤Ȥˤϡ
        ǧڶɤϢ CRL ȹ礹ɬפޤ
        ̤βϼưƤΤǤϤޤ</p>

        <div class="note"><h3></h3>
        <p>ǥեȤǥ֥饦ꤵƤʤǧڶɤȤä硢
        ǧڶɤξ֥饦ɤ߹ǡ
        ֥饦ǧڶɤˤäƽ̾줿Фξ
        ͭɬפޤ
        ɤ߹ޤȡǧڶɤˤäƽ̾줿Ƥ
        뤿ᡢȼޤ</p>
        </div>
    


</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="ssl" id="ssl">Secure Sockets Layer (SSL)</a></h2>

<p>Secure Sockets Layer ץȥϿΤ륳ͥ󷿤
ͥåȥؤΥץȥ(㤨СTCP/IP)
ץꥱؤΥץȥ(㤨СHTTP)
δ֤֤ȤǤޤ
SSL ϡǧڤˤäƥФȥ饤ȴ֤ΰ̿
Żҽ̾ˤäƥǡδ
ưŹ沽ˤäƥץ饤Х󶡤ޤ</p>

<p>SSL ץȥϰŹ沽ȡŻҽ̾ˤĤơ
͡ʥ르ꥺ򥵥ݡȤ褦ˤǤƤޤ
뤳Ȥǡˡ͢ФεθơФ˹碌
르ꥺ֤ȤǤޤ르ꥺ
ѤƤȤǽˤƤޤ
르ꥺϥץȥ륻å󳫻ϻ
Фȥ饤ȴ֤Ǽޤ</p>

<h3><a name="table4" id="table4">ɽ4: SSL ץȥΥС</a></h3>

    <table class="bordered">
    
    <tr><th>С</th>
        <th>ŵ</th>
        <th></th>
        <th>֥饦Υݡ</th></tr>
    <tr><td>SSL v2.0</td>
        <td>Vendor Standard (Netscape Corp. ) [<a href="#SSL2">SSL2</a>]</td>
        <td>¸Ƥ SSL ץȥ</td>
        <td>- NS Navigator 1.x/2.x<br />
        - MS IE 3.x<br />
        - Lynx/2.8+OpenSSL</td></tr>
    <tr><td>SSL v3.0</td>
        <td>Expired Internet Draft (Netscape Corp. ) [<a href="#SSL3">SSL3</a>]</td>
        <td>Υƥɤβ
        RSA Źɲáع¤Υݡ</td>
        <td>- NS Navigator 2.x/3.x/4.x<br />
        - MS IE 3.x/4.x<br />
        - Lynx/2.8+OpenSSL</td></tr>
    <tr><td>TLS v1.0</td>
        <td>Proposed Internet Standard (IETF ) [<a href="#TLS1">TLS1</a>]</td>
        <td>MAC 쥤 HMAC ع֥åŹ block
        paddingåɸಽٹʸν¤ʤɤΤ
        SSL 3.0 </td>
        <td>- Lynx/2.8+OpenSSL</td></tr>
    </table>


<p><a href="#table4">ɽ4</a>˼ȤꡢSSL ץȥˤ
ĤΥС󤬤ޤ
ɽˤ񤫤Ƥ褦ˡSSL 3.0 ΰĤ
ع¤򥵥ݡȤ뤳ȤǤ
εǽˤäơФϼʬξ˲äơ
ȯԼԤξ֥饦ϤȤǤޤ
ع¤ˤäơ
֥饦ȯԼԤξľϿƤʤƤ⡢
ؤ˴ޤޤƤС
֥饦ϥФξͭ뤳ȤǤޤ
SSL 3.0 ϸ Internet Engineering Task Force (IETF) 
ˤäƳȯƤ Transport Layer Security 
[<a href="#TLS1">TLS</a>] ץȥɸ൬ʤδäȤʤäƤޤ</p>

<h3><a name="session" id="session">åγΩ</a></h3>

    <p><a href="#figure1">1</a>Ǽ褦ˡ
    åγΩϥ饤Ȥȥд֤
    ϥɥ󥹤ˤäƹԤʤޤ
    Ф󶡤뤫饤ȤξꥯȤ뤫
    ȤФˤꡢΥ󥹤ϰۤʤΤȤʤޤ
    ŹδΤˡɲäΥϥɥɬפˤʤ
    ⤢ޤεǤ
    褯륷ʥꥪûޤ
    ƤβǽˤĤϡSSL ͽ򻲾ȤƤ</p>

    <div class="note"><h3></h3>
    <p> SSL å󤬳ΩȡåѤ뤳Ȥǡ
    å򳫻Ϥ뤿¿β򷫤֤Ȥ
    ѥեޥ󥹤»ɤޤ
    ΤᡢФƤΥå˰դʥå̾
    ơФ˥å夷饤Ȥϼ󤫤
    (̾ФΥåǴڤˤʤޤǤ)
    ϥɥʤ³뤳ȤǤޤ</p>
    </div>

    <p class="figure">
    <img src="../images/ssl_intro_fig1.gif" alt="" width="423" height="327" /><br />
    <a id="figure1" name="figure1"><dfn>1</dfn></a>: SSL
    ϥɥ󥹳ά</p>

    <p>Фȥ饤ȤǻȤ
    ϥɥ󥹤Ǥʲ˼ޤ:</p>

    <ol>
    <li>ǡ̿˻ȤŹ楹Ȥμ</li>
    <li>饤Ȥȥд֤ǤΥå󸰤γΩȶͭ</li>
    <li>ץȤơ饤ȤФ륵Фǧ</li>
    <li>ץȤơФФ륯饤Ȥǧ</li>
    </ol>

    <p>쥹ƥåפΰŹ楹ȼˤäơ
    Фȥ饤ȤϤ줾ˤä
    Ź楹Ȥ֤ȤǤޤ
    SSL3.0 ץȥλͽ 31 ΰŹ楹ȤƤޤ
    Ź楹ȤϰʲΥݡͥȤˤƤޤ:</p>

    <ul>
    <li>θ򴹼</li>
    <li>ǡ̿ΰŹ</li>
    <li>Message Authentication Code (MAC) Τ
    å</li>
    </ul>

    <p>λĤǤϰʲΥƤޤ</p>


<h3><a name="keyexchange" id="keyexchange">θ򴹼</a></h3>

    <p>θ򴹼ʤϥץꥱΥǡ̿˻Ȥ졢
    ͭоΰŹ渰ɤΤ褦ˤ饤ȤȥФ
    뤫ޤ
    SSL 2.0  RSA 򴹤Ȥޤ󤬡
    SSL 3.0 Ͼ񤬻ȤȤ RSA 򴹤Ȥ
    ̵饤ȤȥФλ̵̿
    Diffie-Hellman 򴹤Ȥ
    ʤ͡ʸ򴹥르ꥺ򥵥ݡȤޤ</p>

    <p>θˡˤĤŻҽ̾Ǥ
    Żҽ̾Ȥɤޤ
    ɤμν̾ȤȤ򤬤ޤ
    ̩ǽ̾뤳ȤǶͭ򴹤
    ޥ󡦥󡦥ߥɥ빶ɤȤǤޤ
    [<a href="#AC96">AC96</a>, p516]</p>


<h3><a name="ciphertransfer" id="ciphertransfer">ǡ̿ΰŹ</a></h3>

    <p>SSL ϥåΥåΰŹ沽Ҥ
    跿Ź(оΰŹ)Ѥޤ
    Ź沽ʤȤޤĤ褬ޤ:</p>

    <ul>
    <li>Ź沽ʤ</li>
    <li>ȥ꡼Ź
        <ul>
        <li>40-bit Ǥ RC4</li>
        <li>128-bit Ǥ RC4</li>
        </ul></li>
    <li>CBC ֥åŹ
        <ul><li>40 bit Ǥ RC2</li>
        <li>40 bit Ǥ DES</li>
        <li>56 bit Ǥ DES</li>
        <li>168 bit Ǥ Triple-DES</li>
        <li>Idea (128 bit )</li>
        <li>Fortezza (96 bit )</li>
        </ul></li>
    </ul>

    <p>Ǥ CBC ȤϰŹ֥åϢ (Cipher Block Chaining)
     άǡΰŹ沽줿Źʸΰ
    ֥åΰŹ沽˻Ȥ뤳Ȥ̣ޤ
    DES ϥǡŹ沽ɸ൬ (Data Encryption Standard)
     [<a href="#AC96">AC96</a>, ch12] άǡ
    DES40  3DES_EDE ޤतĤμबޤ
    Idea ϺǹʤΤΰĤǡŹŪˤϸߤ
    Ǥ⶯ϤʤΤǤ
    RC2  RSA DSI ˤŪʥ르ꥺǤ
     [<a href="#AC96">AC96</a>,
    ch13]</p>


<h3><a name="digestfuntion" id="digestfuntion">ȴؿ</a></h3>

    <p>
    ȴؿϥ쥳ɥ˥åȤɤΤ褦˥Ȥ뤫ꤷޤ
    SSL ϰʲ򥵥ݡȤޤ:</p>

    <ul>
    <li>Ȥʤ</li>
    <li>MD5 (128-bit ϥå)</li>
    <li>Secure Hash Algorithm (SHA-1) (160-bit ϥå)</li>
    </ul>

    <p>åȤ Message Authentication Code (MAC) 
    ˻Ȥ졢åȶ˰Ź沽졢åοѤ
    󶡤ץ쥤ɤޤ</p>


<h3><a name="handshake" id="handshake">ϥɥ󥹥ץȥ</a></h3>

    <p>ϥɥ󥹤ϻĤΥץȥȤޤ:</p>

    <ul>
    <li><dfn>SSL ϥɥץȥ</dfn>
    饤Ȥȥд֤Ǥ SSL åγΩ˻Ȥޤ</li>
    <li><dfn>SSL Źѹץȥ</dfn>
    åǤΰŹ楹Ȥμ˻Ȥޤ</li>
    <li><dfn>SSL ٹץȥ</dfn>
    饤ȥд֤ SSL 顼ãΤ˻Ȥޤ</li>
    </ul>

    <p>ĤΥץȥϡץꥱץȥǡȤȤˡ
    <a href="#figure2">2</a>˼Ȥ <dfn>SSL 쥳ɥץȥ</dfn>
    ǥץ벽ޤ
    ץ벽줿ץȥϥǡ򸡺ʤ
    ؤΥץȥˤäƥǡȤãޤ
    ץ벽줿ץȥϲؤΥץȥ˴ؤưڴΤޤ</p>

    <p class="figure">
    <img src="../images/ssl_intro_fig2.gif" alt="" width="428" height="217" /><br />
    <a id="figure2" name="figure2"><dfn>2</dfn></a>: SSL ץȥ륹å
    </p>

    <p>
    쥳ɥץȥˤ SSL ȥץȥΥץ벽ϡ
    ƥ֤ʥåܤ̿ä硢
    ȥץȥ뤬Ǥ뤳Ȥ̣ޤ
    ˥å̵ϡNull Ź楹ȤȤ졢
    Ź沽ϹԤʤ줺å󤬳ΩޤǤ
    Ȥ̵֤Ȥʤޤ</p>


<h3><a name="datatransfer" id="datatransfer">ǡ̿</a></h3>

    <p><a href="#figure3">3</a>˼ SSL 쥳ɥץȥ
    ϥ饤Ȥȥд֤Υץꥱ
    SSL ȥǡ̿˻Ȥޤ
    ΥǡϤ꾮˥åȤʬ줿ꡢ
    ĤιץȥޤȤư˥åȤȤ̿
    Ԥʤ뤳Ȥ⤢ޤ
    ǡ򰵽̤Ƚ̾źդơ
    Υ˥åȤŹ沽Τ١ȤʤäƤ
    Τȥ󥹥ݡȥץȥѤ뤫⤷ޤ
    (: ߥ᥸㡼 SLL ǰ̤򥵥ݡȤƤΤϤޤ)</p>

    <p class="figure">
    <img src="../images/ssl_intro_fig3.gif" alt="" width="423" height="323" /><br />
    <a id="figure3" name="figure3"><dfn> 3</dfn></a>: SSL 쥳ɥץȥ
    </p>


<h3><a name="securehttp" id="securehttp">HTTP ̿ΰ</a></h3>

    <p>褯 SSL λȤϥ֥饦ȥ֥д֤ HTTP ̿
    ΰǤ
    ϡΰǤϤʤ HTTP λѤΤǤϤޤ
    줿Τϼ SSH ̤ HTTP ǡHTTPS ȸƤФޤ
    礭ʰ㤤ϡURL  <code>http</code>  <code>https</code>
    ѤФ̤ΥݡȤȤȤǤ (ǥեȤǤ443)
    줬 <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code>  Apache ֥Ф󶡤뵡ǽǤ</p>

</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="references" id="references">ʸ</a></h2>

<dl>
<dt><a id="AC96" name="AC96">[AC96]</a></dt>
<dd>Bruce Schneier, <q>Applied Cryptography</q>, 2nd Edition, Wiley,
1996. See <a href="http://www.counterpane.com/">http://www.counterpane.com/</a> for various other materials by Bruce
Schneier.</dd>

<dt><a id="X208" name="X208">[X208]</a></dt>
<dd>ITU-T Recommendation X.208, <q>Specification of Abstract Syntax Notation
One (ASN.1)</q>, 1988. See for instance <a href="http://www.itu.int/rec/recommendation.asp?type=items&amp;lang=e&amp;parent=T-REC-X.208-198811-I">http://www.itu.int/rec/recommendation.asp?type=items&amp;lang=e&amp;parent=T-REC-X.208-198811-I</a>.
</dd>

<dt><a id="X509" name="X509">[X509]</a></dt>
<dd>ITU-T Recommendation X.509, <q>The Directory - Authentication
Framework</q>. See for instance <a href="http://www.itu.int/rec/recommendation.asp?type=folders&amp;lang=e&amp;parent=T-REC-X.509">http://www.itu.int/rec/recommendation.asp?type=folders&amp;lang=e&amp;parent=T-REC-X.509</a>.
</dd>

<dt><a id="PKCS" name="PKCS">[PKCS]</a></dt>
<dd><q>Public Key Cryptography Standards (PKCS)</q>, 
RSA Laboratories Technical Notes, See <a href="http://www.rsasecurity.com/rsalabs/pkcs/">http://www.rsasecurity.com/rsalabs/pkcs/</a>.</dd>

<dt><a id="MIME" name="MIME">[MIME]</a></dt>
<dd>N. Freed, N. Borenstein, <q>Multipurpose Internet Mail Extensions
(MIME) Part One: Format of Internet Message Bodies</q>, RFC2045.
See for instance <a href="http://ietf.org/rfc/rfc2045.txt">http://ietf.org/rfc/rfc2045.txt</a>.</dd>

<dt><a id="SSL2" name="SSL2">[SSL2]</a></dt>
<dd>Kipp E.B. Hickman, <q>The SSL Protocol</q>, 1995. See <a href="http://www.netscape.com/eng/security/SSL_2.html">http://www.netscape.com/eng/security/SSL_2.html</a>.</dd>

<dt><a id="SSL3" name="SSL3">[SSL3]</a></dt>
<dd>Alan O. Freier, Philip Karlton, Paul C. Kocher, <q>The SSL Protocol
Version 3.0</q>, 1996. See <a href="http://www.netscape.com/eng/ssl3/draft302.txt">http://www.netscape.com/eng/ssl3/draft302.txt</a>.</dd>

<dt><a id="TLS1" name="TLS1">[TLS1]</a></dt>
<dd>Tim Dierks, Christopher Allen, <q>The TLS Protocol Version 1.0</q>,
1999. See <a href="http://ietf.org/rfc/rfc2246.txt">http://ietf.org/rfc/rfc2246.txt</a>.</dd>
</dl>
</div></div>
<div class="bottomlang">
<p><span>Available Languages: </span><a href="../en/ssl/ssl_intro.html" hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
<a href="../ja/ssl/ssl_intro.html" title="Japanese">&nbsp;ja&nbsp;</a></p>
</div><div id="footer">
<p class="apache">Copyright 2006 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
<p class="menu"><a href="../mod/">⥸塼</a> | <a href="../mod/directives.html">ǥ쥯ƥ</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Ѹ</a> | <a href="../sitemap.html">ȥޥå</a></p></div>
</body></html>