Web技術の基本 4回目 / Introduction to Web technologies 4th class

Transcript

1. Webٕज़ͷجຊ 4ճ໨ Keisuke KAMIYA

2. ࠓճͷςʔϚ

3. HTTPͰ΍ΓऔΓ͢Δ࢓૊Έ - ޙ൒ઓ -

4. HTTPͷ͓͞Β͍

5. HTTP/1.1ͷ෮श

6. HTTP/1.1ͷ΍ΓͱΓʢ෮शʣ • HTTP/1.1͸1997೥ॳ಄ʹެ։͞Εͨ • ࠓ·Ͱʹ2౓վఆ͞Ε͍ͯΔ ‣ 1999೥1݄ʹൃߦ͞ΕͨRFC2616 ‣ 2014೥6݄ʹൃߦ͞ΕͨRFC7230 •

   HTTP/1.1ͷओͳಛ௃͸࣍ͷ௨Γ ‣ HTTPΩʔϓΞϥΠϒ ‣ HTTPύΠϓϥΠϯ ໰ɿ2ͭͷػೳͱ͸ԿͩͬͨͰ͠ΐ͏͔

7. HTTP/1.1ͷ΍ΓͱΓʢ෮शʣ • HTTPΩʔϓΞϥΠϒ
 ίωΫγϣϯΛܧଓͯ͠ར༻͢Δ͜ͱ ‣ HTTP/1.0ҎલͰ͸, HTTPϦΫΤετΛ͢Δͨͼʹί ωΫγϣϯཱ֬Λ͍ͯͨ͠ʢ1౓௨৴ͨ͠Βͦͷͨͼ ʹίωΫγϣϯΛΫϩʔζ͍ͯͨ͠ʣ ‣

   ඇৗʹޮ཰͕ѱ͍

8. HTTP/1.1ͷ΍ΓͱΓʢ෮शʣ • HTTPΩʔϓΞϥΠϒ
 ͦͷͨΊ, HTTP/1.1Ҏ߱Ͱ͸ίωΫγϣϯΛܧଓͯ͠ར༻͢Δ͜ͱ͕Մ ೳʹͳͬͨ. ίωΫγϣϯཱ֬ ϦΫΤετ Ϩεϙϯε ίωΫγϣϯ੾அ

   ίωΫγϣϯཱ֬ ϦΫΤετ Ϩεϙϯε ίωΫγϣϯ੾அ ίωΫγϣϯཱ֬ ϦΫΤετ Ϩεϙϯε ϦΫΤετ Ϩεϙϯε ίωΫγϣϯ੾அ ඇHTTPΩʔϓΞϥΠϒ HTTPΩʔϓΞϥΠϒ

9. HTTP/1.1ͷ΍ΓͱΓʢ෮शʣ • HTTPύΠϓϥΠϯ ‣ HTTP͸, ௨ৗHTTPϨεϙϯεΛड͚औͬͨ͋ͱ࣍ͷ ϦΫΤετΛൃߦ͢Δ ‣ ωοτϫʔΫͷঢ়ଶʹΑͬͯ͸, ஶ͍͠஗Ԇ͕ൃੜ

   → HTTPϨεϙϯεΛ଴ͭ͜ͱແ͘, ෳ਺ͷHTTPϦΫ ΤετΛૹ৴͢Δ͜ͱΛՄೳʹ͢ΔػೳΛHTTPύ ΠϓϥΠϯͱ͍͏

10. HTTP/1.1ͷ΍ΓͱΓʢ෮शʣ • HTTPύΠϓϥΠϯ ίωΫγϣϯཱ֬ ϦΫΤετ Ϩεϙϯε ϦΫΤετ Ϩεϙϯε ίωΫγϣϯ੾அ ίωΫγϣϯཱ֬

    ίωΫγϣϯ੾அ ϦΫΤετ Ϩεϙϯε ϦΫΤετ Ϩεϙϯε ϨεϙϯεΛ଴ͨͣʹ
 ϦΫΤετΛૹ৴͢Δ HTTP/1.0Ҏલ HTTP/1.1Ҏ߱ ࣌ؒ୹ॖ

11. HTTP/2ͷ෮श

12. HTTP/2ͷ΍ΓͱΓ • ࣌୅ͱڞʹWebϖʔδ͸ෳࡶԽ͍͖ͯ͠, ը૾αΠζ΍ εΫϦϓταΠζ͕େ͖͘ͳ͍ͬͯͬͨ • HTTP/1.1ͰύΠϓϥΠϯػೳ͕௥Ճ͞Ε, ଟ͘ͷσʔλ Λޮ཰తʹసૹ͢Δ͜ͱ͕Մೳʹͳͬͨ΋ͷͷ, ύΠϓ

    ϥΠϯػೳ͸େ͖ͳΦʔόʔϔουʹͳΔ ‣ ৽ͨͳόʔδϣϯͰ͋ΔHTTP/2͕ఏҊ͞Εͨ

13. HTTP/2ͷ΍ΓͱΓ • HTTP/2
 Googleͷ։ൃͨ͠, ௨৴ͷߴ଎ԽΛ໨తͱ࣮ͨ͠ݧతͳ ϓϩτίϧSPDYͱ͍͏ϓϩτίϧΛϕʔεʹ࡞੒ͨ͠ϓ ϩτίϧ. 2015೥ͷ5݄ʹਖ਼ࣜͳඪ४Խ͕ͳ͞Εͨ • ࣍ͷΑ͏ͳಛ௃͕͋Δ

    ‣ ετϦʔϜʹΑΔଟॏԽ ‣ όΠφϦܗࣜͰૹΔ͜ͱͰߋͳΔ࠷దԽ͕Մೳ ‣ ϔομʔͷѹॖ ‣ αʔόϓογϡ

14. HTTP/2ͷ΍ΓͱΓʢετϦʔϜʹΑΔଟॏԽʣ • ετϦʔϜʹΑΔଟॏԽ ‣ HTTP/1.0Ҏલ
 HTTPϦΫΤετ͸, HTTPϨεϙϯεΛ଴ͬͨޙʹૹ৴ ՄೳͱͳΔ ‣ HTTP/1.1


    ύΠϓϥΠϯʹΑΓ, ಉ࣌ʹෳ਺ͷϦΫΤετΛૹ৴͢ Δ͜ͱ͕Մೳʹͳͬͨ → ʮHTTPϦΫΤετͷॱ൪ͰϨεϙϯεΛฦ͢ʯͱ͍ ͏੍໿͕͍͍ͭͯͨ

15. HTTP/2ͷ΍ΓͱΓʢετϦʔϜʹΑΔଟॏԽʣ • Webϒϥ΢β͔Βෳ਺ͷϦΫΤετ͕ඈΜͰ͖ͯ΋, ͋ Δ1ͭͷHTTPϨεϙϯεͷॲཧʹ͕͔͔࣌ؒΔ৔߹, શ ͯͷϨεϙϯελΠϜ͕૿Ճ͢Δͱ͍͏໰୊఺͕͋ͬͨ ‣ ͜ͷ໰୊Λղܾ͢ΔͨΊ, 1ͭͷ઀ଓ্ʹετϦʔϜ

    ͱݺ͹ΕΔԾ૝తͳ૒ํ޲γʔέϯεΛ࡞ͬͯରࡦ

16. HTTP/2ͷ΍ΓͱΓʢετϦʔϜʹΑΔଟॏԽʣ HTTP/2઀ଓʢ1ίωΫγϣϯʣ ετϦʔϜᶃ ετϦʔϜᶄ ετϦʔϜᶅ ετϦʔϜᶆ ϦΫΤετ Ϩεϙϯε ϦΫΤετ Ϩεϙϯε

    ϦΫΤετ Ϩεϙϯε ϦΫΤετ Ϩεϙϯε

17. HTTP/2ͷ΍ΓͱΓʢετϦʔϜʹΑΔଟॏԽʣ ϦΫΤετᶃ Ϩεϙϯεᶃ Ϩεϙϯεᶄ HTTPύΠϓϥΠϯ ετϦʔϜʹΑΔଟॏԽ ࣌ؒ୹ॖ ϦΫΤετᶄ ϦΫΤετᶅ ॲཧ଴ͪ

    Ϩεϙϯεᶅ ϦΫΤετᶃ ϦΫΤετᶄ ϦΫΤετᶅ Ϩεϙϯεᶃ Ϩεϙϯεᶄ Ϩεϙϯεᶅ ϦΫΤετͷॱ൪Ͱ
 ϨεϙϯεΛฦ͢ඞཁ͋Γ ετϦʔϜ͕ҟͳΕ͹
    
 Ϩεϙϯεͷॱ൪͸
 ੍ݶ͞Εͳ͍ ෮श͓ΘΓ

18. ໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

19. ໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

20. HTTP/2ͷ΍ΓͱΓ • HTTP/2ͷಛ௃ ‣ ετϦʔϜʹΑΔଟॏԽ ‣ όΠφϦܗࣜͰૹΔ͜ͱͰߋͳΔ࠷దԽ͕Մೳ ‣ ϔομʔͷѹॖ ‣

    αʔόϓογϡ ࠓճ͸ͪ͜Βͷ಺༰

21. όΠφϦܗࣜͷར༻

22. HTTP/2Ͱͷվྑ఺ʢόΠφϦܗࣜͷར༻ʣ • HTTP/1.1ҎલͰ͸, HTTPϦΫΤετ΍HTTPϨεϙϯε ͸ςΩετܗࣜͷϑΥʔϚοτͰૹ͍ͬͯͨ ‣ όΠφϦܗࣜͷ΄͏͕, ࠷దԽΛ͔͚΍͍͢ʢαΠζ ͕ݮগ͢Δʣ ‣

    όΠφϦσʔλΛૹ৴͢Δ৔߹, Ұ౓ςΩετܗࣜʹ ม׵͢Δඞཁ͕ແ͍ͨΊ, ॲཧ͕࣌ؒૣ͘ͳΔ ‣ ղੳ͕γϯϓϧ

23. HTTP/2Ͱͷվྑ఺ʢόΠφϦܗࣜͷར༻ʣ • HTTP/1.1ҎલͰ͸, શͯͷσʔλ͕ςΩετܗࣜͰಉ࣌ ʹૹΒΕ͍ͯͨ ‣ HTTP/2Ͱ͸, όΠφϦϑϨʔϜͱݺ͹ΕΔ୯Ґʹ෼ׂ ͞Εૹ৴͞ΕΔ )PTU
    FYBNQMFDPN
    

    $POUFOU5ZQF
    JNBHFKQFH
    6TFS"HFOU
    .P[JMMB .FTTBHF 1045
    VQMPBE
    )551 .FTTBHF 
    NFUIPE
    1045
    
    TDIFNF
    IUUQT
    
    BVUIPSJUZ
    FYBNQMFDPN
    
    QBUI
    VQMPBE
    DPOUFOUUZQF
    JNBHFKQFH
    VTFSBHFOU
    .P[JMMB HTTPϦΫΤετʢςΩετσʔλʣ HEADERSϑϨʔϜʢόΠφϦσʔλʣ DATAϑϨʔϜʢόΠφϦσʔλʣ

24. ϔομʔѹॖ

25. HTTP/2Ͱͷվྑ఺ʢϔομʔѹॖʣ • HTTP͸εςʔτϨεͳϓϩτίϧͳͷͰ, ඞཁͳ৘ใ͸ ຖ౓ૹΔඞཁ͕͋Δ ‣ Ұ౓ૹͬͨ৘ใΛ࠶ͼૹΔඞཁ͕͋Γ, ৑௕ - ϒϥ΢βͷछྨ,

    WebαʔόͷόʔδϣϯͳͲ • HTTP/1.xͰ͸, ͜ͷσʔλ͕ϓϨʔϯςΩετͰૹ৴͞ Ε͓ͯΓ, సૹ1ճ͋ͨΓ500ʙ800όΠτ΄Ͳ͔͔Δ ‣ ΑΖ͍͠ͳΒ͹ѹॖͩ

26. HTTP/2Ͱͷվྑ఺ʢϔομʔѹॖʣ • HTTP/2Ͱ͸, ϔομʔ৘ใͷࠩ෼͚ͩΛૹ৴͢Δ HPACKͱ͍͏ѹॖํࣜΛར༻͍ͯ͠Δ 
    NFUIPE
    (&5
    
    TDIFNF
    IUUQT
    
    BVUIPSJUZ
    FYBNQMFDPN
    
    QBUI
    JOEFYIUNM
    DPOUFOUUZQF
    UFYUIUNM
    

    VTFSBHFOU
    .P[JMMB 
    NFUIPE
    
    (&5
    
    TDIFNF
    
    IUUQT
    
    BVUIPSJUZ
    
    FYBNQMFDPN
    
    QBUI
    
    JNBHFKQH
    DPOUFOUUZQF
    JNBHFKQFH
    VTFSBHFOU
    .P[JMMB 1ճ໨ͷHTTPϦΫΤετ 2ճ໨ͷHTTPϦΫΤετ ͜ͷ෦෼ͷΈૹ৴

27. HTTP/2Ͱͷվྑ఺ʢϔομʔѹॖʣ • ૹ৴ଆड৴ଆͰςʔϒϧΛ࣋ͭ ‣ ੩తςʔϒϧͱಈతςʔϒϧΛ࣋ͭ ‣ มߋΛه࿥͍ͯ͘͠Πϝʔδ • Ҏલʹग़ݱͨ͠σʔλʹؔͯ͠͸, ͦͷςʔϒϧͷΠϯ

    σοΫεΛૹΔ͜ͱͰσʔλྔΛ࡟ݮ • సૹ͞ΕΔσʔλʢมߋ͕͋ͬͨσʔλʣ͸, ϋϑϚϯ ූ߸Խ͞Εͯૹ৴͞ΕΔ

28. HTTP/2Ͱͷվྑ఺ʢϔομʔѹॖʣ • ಈతςʔϒϧ(Dynamic Table)
 લճૹ৴ͨ͠ϔομʔ໊ͱ஋ͷϖΞΛΠϯσοΫεԽͨ͠ Ϧετ • ੩తςʔϒϧ(Static Table)
 ૹ৴͞ΕΔස౓ͷߴ͍ϔομʔ໊ͱ஋ͷϖΞ.

    ΫϥΠΞϯτ ͱαʔόͷ྆ํͰอ࣋͞Ε͓ͯΓ, ૹ৴͢Δϔομʹςʔϒ ϧͷ಺༰ؚ͕·Ε͍ͯΔ৔߹͸, ΠϯσοΫεΛૹ৴͢Δ • ͔ͭͯ͸Reference setͱݴ͏΋ͷ͕͋Γ·ͯ͠…

29. HTTP/2Ͱͷվྑ఺ʢϔομʔѹॖʣ 
    NFUIPE
    (&5
    
    TDIFNF
    IUUQT
    
    BVUIPSJUZ
    FYBNQMFDPN
    
    QBUI
    
    DPOUFOUUZQF
    UFYUIUNM
    VTFSBHFOU
    .P[JMMB 1ճ໨ͷHTTPϦΫΤετ Reference set

    JE ϔομʔ໊ ஋  NFUIPE (&5  TDIFNF )5514  QBUI   BVUIPSJUZ Static table ᶃࠩ෼֬ೝ ᶄݕࡧ 
    
    
    FYBNQMFDPN
    
    DPOUFOUUZQF
    
    UFYUIUNM
    VTFSBHFOU
    
    .P[JMMB ᶅΤϯίʔυ

30. HTTP/2Ͱͷվྑ఺ʢϔομʔѹॖʣ 
    NFUIPE
    (&5
    
    TDIFNF
    IUUQT
    
    BVUIPSJUZ
    FYBNQMFDPN
    
    QBUI
    IPHFIUNM
    DPOUFOUUZQF
    UFYUIUNM
    VTFSBHFOU
    .P[JMMB 1ճ໨ͷHTTPϦΫΤετ Reference set

    JE ϔομʔ໊ ஋  NFUIPE (&5  TDIFNF )5514  QBUI   BVUIPSJUZ Static table ᶃࠩ෼֬ೝ ᶄݕࡧ 
    IPHFIUNM ᶅΤϯίʔυ : method GET : scheme https : authority example.com : path / content-type text/html user-agent Mozilla/5.0 ݱࡏ͸Reference set͸࢓༷͔Β࡟আ͞Ε͍ͯΔ →ڞ༗͕େม, ॲཧ͕൥ࡶ

31. αʔόϓογϡ

32. HTTP/2Ͱͷվྑ఺ʢαʔόʔϓογϡʣ • HTTPϦΫΤετͷ಺༰Λجʹ, WebαʔόଆͰඞཁͳ ϑΝΠϧΛ൑அ͠, ࣄલʹWebϒϥ΢βʹૹ৴͢Δ ‣ HTML಺ʹը૾͕ຒΊࠐ·Ε͍ͯͨ৔߹, Webϒϥ΢ β͔Βը૾ͷϦΫΤετΛड͚ͳͯ͘΋,

    ࣄલʹը૾ σʔλΛసૹ͢Δࣄ͕Մೳ

33. HTTP/2Ͱͷվྑ఺ʢαʔόʔϓογϡʣ HTTPϦΫΤετ JOEFYIUNMΛ͍ͩ͘͞ αʔόʔϓογϡᶃ αʔόʔϓογϡᶄ HTTPϨεϙϯε KQH DTT IUNM JOEFYIUNMΛදࣔ͢ΔͨΊʹ

    ඞཁͳJNBHFKQHΛૹΓ·͢ TUZMFDTT΋ඞཁͳͷͰૹΓ·͢ JOEFYIUNMΛૹΓ·͢ Webαʔό Webϒϥ΢β HTTP/2Ͱͷվྑ఺ ऴྃ ↑ຊདྷͷϨεϙϯε

34. ໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

35. HTTPSͷ࢓૊Έ • ۙ೥, WebαΠτΛ௨ͯ͡γϣοϐϯά΍όϯΩϯά, νέοτͷ༧໿ͳͲͷαʔϏεΛར༻͢Δػձ͕૿Ճ • Χʔυͷ൪߸ͳͲͷݸਓ৘ใ΍, ஫จ಺༰ͷվ͟ΜͳͲ ͷةݥੑʹৗʹ͞Β͞Ε͍ͯΔ •

    ΑΓηΩϡΞͳHTTPϓϩτίϧٴͼURIεΩʔϜΛ HTTPSͱݺͿ

36. HTTPSͷ࢓૊Έ • HTTPS(HTTP over SSL/TLS)
 SSL(Secure Sockets Layer)΍TLS(Transport Layer Security)্ͰߦΘΕΔηΩϡΞͳHTTP௨৴ͷ͜ͱ

    • SSL/TLS
 ௨৴࿏҉߸ԽͷͨΊͷϓϩτίϧ. SSLͱTLS͸େ࿮ͱ ͯ͠͸ಉ͡΋ͷͰ͸͋Δ͕, ݫີʹ͸ผ෺(TLS͸SSL ΛҾ͖ܧ͍ͩ࣍ੈ୅ن֨) ࢀߟϦϯΫɿhttps://ssl.sakura.ad.jp/column/ssl_tls/

37. HTTPSͷ࢓૊Έ • ௨ৗͷHTTPΛ࢖ͬͨ௨৴Ͱ͸, 80൪ϙʔτΛϦοεϯ͠ ͍ͯΔ͕, HTTPSͷ৔߹͸443൪ϙʔτ(SSL/TLSͷϙʔ τ)ΛϦοεϯ͍ͯ͠Δ • ҎԼͷ3ͭͷ࢓૊ΈΛ༻͍ͯWebαΠτͷ҆શੑΛ֬อ ‣

    ҉߸Խ௨৴ʢ౪೉๷ࢭʣ ‣ վ͟Μ๷ࢭ ‣ ͳΓ͢·͠๷ࢭ

38. ౪೉๷ࢭʢ҉߸Խ௨৴ʣ

39. HTTPSͷ࢓૊Έʢ҉߸Խ௨৴ʣ • WebαΠτΛӾཡ͢Δࡍʹ͸, ࣮ࡍʹ͸ز͔ͭͷαʔό Λܦ༝͢Δ ‣ ୈࡾऀͷ௨৴಺༰Λ๣ड͢Δ͜ͱ͸ൺֱత؆୯ • ສ͕Ұ๣ड͞Εͯ΋಺༰Λղಡ͞Εͳ͍Α͏ʹ, σʔλ

    Λ҉߸Խͯ͠ૹ৴

40. վ͟Μ๷ࢭ

41. HTTPSͷ࢓૊Έʢվ͟Μ๷ࢭʣ • ௨৴࿏্Ͱσʔλ͕վ͟Μ͞Εͯ͠·͏ͷ͸ࠔΔ ‣ ωοτόϯΩϯάͷৼࠐઌΛม͑ΒΕΔͱ͔ • ରࡦͱͯ͠, ϝοηʔδμΠδΣετ͕ར༻͞ΕΔ ‣ ϋογϡ஋Λ࢖ͬͨվ͟Μ๷ࢭ

    ৼࠐɿѼઌ
    #͞Μ ৼࠐɿѼઌ
    "͞Μ BCD μΠδΣετ ᶄվ͟Μ͞ΕΔ ৼࠐɿѼઌ
    #͞Μ BCD DEF ᶅड͚औͬͨσʔλ͔Β ϋογϡ஋Λܭࢉͯ͠ൺֱ ᶃϝοηʔδμΠδΣετΛར༻ͯ͠, ૹ৴͢Δσʔλͷϋογϡ஋ΛٻΊΔ ϝοηʔδμΠδΣετʹΑΔվ͟Μ๷ࢭ

42. ͳΓ͢·͠๷ࢭ

43. HTTPSͷ࢓૊ΈʢͳΓ͢·͠๷ࢭʣ • ৗ࣌SSLԽ͢ΔͨΊʹαʔόূ໌ॻ͕ඞਢ • SSLαʔόূ໌ॻͱݺ͹ΕΔిࢠূ໌ॻΛ഑ஔ͢Δ͜ͱ Ͱ, ΫϥΠΞϯτଆ͸WebαΠτΛӡӦ͢Δऀͷ਎ݩΛ ֬ೝ͢Δ͜ͱ͕ग़དྷΔ ‣ ূ໌ॻ͸ൃߦΛೝΊΒΕͨೝূہͷΈ͕ൃߦՄೳͰ

    ͋Γ, ৴པͰ͖ͳ͍ൃߦݩͷSSLαʔόূ໌ॻ͕ར༻ ͞Ε͍ͯΔ৔߹͸Webϒϥ΢β্ʹܯࠂը໘͕දࣔ ͞ΕΔ

44. HTTPSͷ࢓૊ΈʢͳΓ͢·͠๷ࢭʣ • ࠷ۙ͸ৗ࣌SSL͕ਪ঑͞Ε͍ͯΔ ‣ શͯͷϖʔδʢϑΥʔϜ౳͕ͳͯ͘΋ʣʹSSLΛ࢖༻ ͢Δ͜ͱ • GoogleΛ࢝Ίͱͨ͠اۀ΋SSLԽʹڧͩ͘͜ΘͬͯΔ ‣ ΋͸΍HTTPͷ࣌୅Ͱ͸ͳ͍ɹάʔάϧ͕͜͜·Ͱ

    “SSLԽ”ʹͩ͜ΘΔΘ͚
 http://www.itmedia.co.jp/enterprise/articles/1710/ 24/news037.html HTTPSͷ࢓૊Έ ऴྃ

45. ໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

46. HTTPSͷ΍ΓͱΓ • SSL/TLSϋϯυγΣΠΫ
 HTTPSͰ௨৴Λ։࢝͢ΔͨΊʹߦͳ͏΍ΓऔΓ. TCPί ωΫγϣϯ͕֬ೝ͞Εͨޙ, େ͖͘෼͚ͯҎԼͷ4ͭͷ खॱΛ౿Ή͜ͱͰ௨৴͕։࢝͞ΕΔ 1. ҉߸Խํࣜͷܾఆ

    2. ௨৴૬खͷূ໌ 3. 伴ͷަ׵ 4. ҉߸Խํࣜͷ֬ೝ

47. HTTPSͷ΍ΓͱΓ 1. ҉߸Խํࣜͷܾఆ • ੈͷதʹ҉߸Խํࣜ͸ଟ਺ଘࡏ͢Δ(SHA-2, RSAͳͲ) ͨΊ, Ͳͷ҉߸ԽํࣜΛར༻͢Δͷ͔ΛWebϒϥ΢β ͱWebαʔόͰܾΊ͓ͯ͘ඞཁ͕͋Δ. •

    HTTPSͰར༻͞ΕΔSSL or TLSͷόʔδϣϯ, ϝο ηʔδμΠδΣετͷํࣜʹ͍ͭͯ΋ಉ࣌ʹܾఆ

48. HTTPSͷ΍ΓͱΓ 2. ௨৴૬खͷূ໌ • Webϒϥ΢β͕௨৴͍ͯ͠ΔWebαʔό͕ਖ਼͍͠૬ खͰ͋Δ͔Ͳ͏͔Λ, SSLαʔόূ໌ॻΛجʹݕূ • ਖ਼͍͠WebαʔόͰ͋Δͱ֬ೝͰ͖ͳ͔ͬͨ৔߹, ϒ

    ϥ΢β্ʹܯࠂ͕දࣔ͞ΕΔ

49. HTTPSͷ΍ΓͱΓ 3. 伴ͷަ׵ • σʔλసૹʹར༻͢Δʮڞ௨伴ʯΛަ׵͢Δ • ͜ͷڞ௨伴Λ༻͍ͯσʔλΛ҉߸Խ, ෮߸͢Δ • ͜ͷ伴͸Ͳ͏ૹ৴͢Δͷ͔ʢ҉߸Խແ͠͸ةݥʣ

    ‣ ެ։伴҉߸ํࣜΛ༻͍ͯ҉߸Խ͠ૹ৴͢Δ • HTTPS͸, ެ։伴҉߸ํࣜͱڞ௨伴҉߸ํࣜΛ྆ํ ࢖ͬͨϋΠϒϦουํࣜ

50. HTTPSͷ΍ΓͱΓ 4. ҉߸Խํࣜͷ֬ೝ • ࣮ࡍʹར༻͢Δ҉߸Խํࣜͷ࠷ऴ֬ೝΛߦͳ͏ • ͜ͷϑΣʔζ͕׬ྃ͢Δͱ, Webϒϥ΢βͱWebαʔ όؒʹ͓͍ͯ҉߸Խ௨৴͕։࢝͞ΕΔ

51. HTTPSͷ΍ΓͱΓ ʲClient Helloʳ͜Μͳ҉߸Խํ͕ࣜར༻ՄೳͰ͢ ʲServer Helloʳ͜ͷ҉߸ԽํࣜΛར༻͠·͠ΐ͏ ҉߸Խํࣜͷܾఆ ʲServer CertificateʳࢲͷSSLαʔόূ໌ॻͰ͢ ʲServer Hello

    Doneʳ͢΂ͯͷ৘ใΛૹΓ·ͨ͠ ௨৴૬खͷূ໌ ʲClient Key Exchangeʳڞ༗伴ΛૹΓ·͢ 伴ͷަ׵ ʲFinishedʳ४උOKͰ͢ ʲFinishedʳ४උOKͰ͢ ʲChange Cipher Specʳ͜ͷ҉߸ԽํࣜΛ࢖͍·͠ΐ͏ ʲChange Cipher Specʳ͜ͷ҉߸ԽํࣜͰOKͰ͢ ҉߸Խํࣜͷ֬ೝ

52. ໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

53. εςʔτϑϧͱεςʔτϨε • HTTPͷಛ௃ͷ1ͭʹεςʔτϨε͕ڍ͛ΒΕΔ ‣ Ҏલͷঢ়ଶΛอ࣋͠ͳ͍ͨΊ, ෳ਺ͷॲཧΛؔ࿈෇͚ Δ͜ͱ͕Ͱ͖ͳ͍ • εςʔτϨεʹରͯ͠, εςʔτϑϧ΋ଘࡏ

    ‣ Ҏલͷঢ়ଶʢίϯςΫετʣΛอ͓࣋ͯ͘͠

54. εςʔτϑϧͱεςʔτϨε • εςʔτϨε
 ϦΫΤετ͸ඞཁͳ৘ใΛશؚͯΜͰ͍ͳ͚Ε͹ͳΒ ͳ͍ → ͸ʁͲ͏͍͏͜ͱʁʢྫΛݟͯΈ·͠ΐ͏ʣ

55. εςʔτϑϧͱεςʔτϨε εςʔτϑϧͷྫ ٬: ϋϯόʔΨʔηοτΛ͓ئ͍͠·͢ ళһ: αΠυϝχϡʔ͸Կʹͳ͍͞·͔͢? ٬: ϙςτͰ ళһ: υϦϯΫ͸Կʹͳ͍͞·͔͢?

    ٬: δϯδϟʔΤʔϧͰ ళһ: +50ԁͰυϦϯΫΛLαΠζʹͰ͖·͕͍͔͕͢Ͱ͔͢? ٬: MͰ͍͍Ͱ͢ ళһ: Ҏ্ͰΑΖ͍͠Ͱ͔͢? ٬: ͸͍ ళһ: ͔͜͠·Γ·ͨ͠ Ҿ༻ɿhttp://yohei-y.blogspot.jp/2007/10/blog-post.html

56. εςʔτϑϧͱεςʔτϨε εςʔτϨεͷྫ ٬: ϋϯόʔΨʔηοτΛ͓ئ͍͠·͢ ళһ: αΠυϝχϡʔ͸Կʹͳ͍͞·͔͢? ٬: ϋϯόʔΨʔηοτΛϙςτͰ͓ئ͍͠·͢ ళһ: υϦϯΫ͸Կʹͳ͍͞·͔͢?

    ٬: ϋϯόʔΨʔηοτΛϙςτͱδϯδϟʔΤʔϧͰ͓ئ͍͠·͢ ళһ: +50ԁͰυϦϯΫΛLαΠζʹͰ͖·͕͍͔͕͢Ͱ͔͢? ٬: ϋϯόʔΨʔηοτΛϙςτͱδϯδϟʔΤʔϧ(M)Ͱ͓ئ͍͠·͢ ళһ: Ҏ্ͰΑΖ͍͠Ͱ͔͢? ٬: ϋϯόʔΨʔηοτΛϙςτͱδϯδϟʔΤʔϧ(M)Ͱ͓ئ͍͠·͢ɻҎ্ ళһ: ͔͜͠·Γ·ͨ͠ Ҿ༻ɿhttp://yohei-y.blogspot.jp/2007/10/blog-post.html

57. εςʔτϑϧͱεςʔτϨε ྆ऀͷҧ͍͸ͳʹ͔ʁ ‣ ళһ͞Μ͕͓٬͞ΜͷཔΜͩ৘ใ(ίϯςΩετ)Λ֮ ͍͑ͯΔʢอ͍࣋ͯ͠Δʣ͔Ͳ͏͔ ‣ εςʔτϨεͳγεςϜͰ͸, ళһ͞Μ͕৘ใΛอ࣋ ͍ͯ͠ͳ͍ͨΊ, ϦΫΤετ͕ͲΜͲΜ௕͘ͳΓ৑௕

    ʹͳΔ → ͳͥ࢖͏ͷ͔ʁ

58. εςʔτϑϧͱεςʔτϨε εςʔϨεͷར఺ εςʔτϨεͷܽ఺ • ୯ҰͷϦΫΤετʹશͯͷ৘ใؚ͕·ΕΔ • ηογϣϯͷ؅ཧ͕γϯϓϧʹͳΔ • εέʔϥϏϦςΟͷ޲্ •

    ωοτϫʔΫύϑΥʔϚϯεͷ௿Լ

59. ໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

60. Cookie • Web͕ਐԽ͢Δʹ͚ͭͯ, εςʔτϨεͩͱෆศΛײ͡Δ৔ ໘͕૿͑ͨ ‣ γϣοϐϯάαΠτͷʮ঎඼ΛબͿʯʮങ͍෺͔͝ʹೖ ΕΔʯʮ͔͝ͷத਎Λ֬ೝ͢Δʯʮܾࡁ͢Δʯͱ͍ͬͨ ಈ࡞͸, Webαʔόతʹ͸ҟͳΔϦΫΤετͰ΋,

    Webϒ ϥ΢βଆͰ͸ؔ࿈ͷ͋Δ1࿈ͷૢ࡞ - ങ͍෺͔͝ʹ঎඼ΛೖΕͯ΋, ʮങ͍෺͔͝ʹ͍Εͨʯ ͱ͍͏ಈ࡞͕อ࣋͞Εͳ͍ͨΊ, ͔͝ͷத਎͕ແ͍ঢ়ଶ ʹͳͬͯ͠·͏

61. Cookie • ࣮ࡍͷγϣοϐϯάαΠτͰ͸, ʮങ͍෺͔͝ʹೖΕͨ ͷʹೖ͍ͬͯͳ͍ʯͱ͍ͬͨΑ͏ͳ͜ͱ͸΄΅ແ͍ ‣ ঢ়ଶΛอଘ͢Δผͷ࢓૊Έ͕ଘࡏ͍ͯ͠Δ͔Β - Cookieͱ͍͏࢓૊Έ͕ଘࡏ͢Δ

62. Cookie • Cookie
 Webαʔό͕઀ଓ͖ͯͨ͠Webϒϥ΢βʹରͯ͠ૹ৴ ͢Δখ͞ͳσʔλ. Ұൠʹ, Webϒϥ΢βʹอ࣋ͯ͠໯ ͍͍ͨσʔλΛCookieͱͯ͠อ࣋͢Δ. • Cookie͸ओʹҎԼͷ3ͭͷ༻్Ͱ࢖༻͞ΕΔ

    1. ηογϣϯͷ؅ཧʢϩάΠϯ৘ใ, Χʔτ৘ใʣ 2. ݸਓઃఆʢϢʔβʔͷઃఆʣ 3. τϥοΩϯάʢϢʔβʔͷߦಈΛ෼ੳ͢Δʣ

63. Cookie • Cookie΍ΓͱΓͷྲྀΕ 1. Webαʔό΁઀ଓ͖ͯͨ͠Webϒϥ΢βʹରͯ͠, อଘͯ͠΋Β͍͍ͨ৘ใΛCookieͱͯ͠ૹΔʢϨε ϙϯεϔομʔʹ, Set-CookieଐੑΛ௥Ճʣ 2. CookieΛड͚औͬͨWebϒϥ΢β͸ͦΕΛอଘ͠,

    ࣍ʹαʔόʹ઀ଓ͢Δࡍʹอଘ͓͍ͯͨ͠Cookie Λૹ৴͢Δ

64. Cookie • γϣοϐϯάαΠτΛྫʹߟ͑Δͱ 1. Webαʔό͸ΞΫηε͖ͯͨ͠Webϒϥ΢βΛࣝ ผ͢ΔͨΊͷ৘ใΛCookieͱͯ͠ૹΔ 2. Webαʔό͕γϣοϐϯάαΠτʹΞΫηε͢Δࡍ ͸, ϒϥ΢βࣝผͷͨΊͷ৘ใʢCookieʣΛϦΫΤ

    ετϔομʹؚΊͯૹ৴͢Δ

65. Cookie ᶃ࠷ॳͷWebαʔό΁ͷ઀ଓ ᶄCookie΋ಉ࣌ʹૹ৴ ᶅ2ճΊͷWebαʔό΁ͷ઀ଓ ʜ
    4FU$PPLJF
    
    OBNFWBMVF
    FYQJSFTEBUF
    EPNBJO%*."*/@/".&
    ʜ .FTTBHF 1045
    VQMPBE
    )551 HTTPϨεϙϯε

    ॳճͷHTTPϨεϙϯεͷ ϝοηʔδϔομʔʹ CookieΛؚΊͯૹ৴ ʜ
    $PPLJF
    
    OBNFWBMVF
    
    ʜ .FTTBHF 1045
    VQMPBE
    )551 HTTPϦΫΤετ CookieΛड͚औͬͨ͋ͱ͸, CookieΛHTTPϦΫΤετϔομʔʹ ؚΊͯૹ৴͢Δ

66. Cookie • Cookieͷૹ৴ʹ͸ϝοηʔδϔομ͕ར༻͞ΕΔ(ਤͷ ྘৭ͷ෦෼Ͱͨ͠Ͷʁʣ • Webαʔό͸HTTPϨεϙϯεʹSet-CookieϔομʔΛ ؚΊΔ͜ͱͰCookieΛૹ৴͢Δ • Webϒϥ΢β͸, HTTPϦΫΤετʹCookieϔομΛؚ

    ΊΔ͜ͱͰ, CookieΛૹ৴͢Δ ʜ
    4FU$PPLJF
    
    OBNFWBMVF
    FYQJSFTEBUF
    EPNBJO%*."*/@/".&
    ʜ .FTTBHF 1045
    VQMPBE
    )551 ਤ: ϝοηʔδϔομ

67. Cookie • Set-Cookieϔομ͸Cookieͷ஋Λઃఆ͢Δ͚ͩͰͳ͘, Cookieͷ༗ޮ ظݶ΍HTTPSͰͷΈ΍ΓऔΓΛߦͳ͏(Secure Cookie)ઃఆΛ͢Δ͜ͱ ͕Ͱ͖Δ. ‣ Secure CookieΛ࢖ͬͨ৔߹Ͱ΋,

    ػີ৘ใ͸ૹड৴ͯ͠͸͍͚ͳ͍ • ༗ޮظݶΛઃఆ͠ͳ͍CookieΛηογϣϯCookieͱ͍͏ʢWebϒϥ ΢βΛফ͢ͱಉ࣌ʹফڈ͞ΕΔʣ ‣ ༗ޮظݶΛઃఆ͢Δͱͦͷظؒ͸࢒ΔͨΊ, γϣοϐϯάαΠτͳ ͲͰ͸҆શੑͷ؍఺͔ΒηογϣϯCookieΛ࢖͍ͬͯΔͱ͜Ζ͕ ଟ͍

68. Cookie ໊લ ಺༰ छผ 4FU$PPLJF ঢ়ଶΛอ࣋ɾ؅ཧ͢ΔͨΊͷ ৘ใʢ$PPLJFʣ ϨεϙϯεϔομϑΟʔϧυ $PPLJF 8FCαʔό͔Βड͚औͬͨ

    $PPLJFͷ஋ ϦΫΤετϔομϑΟʔϧυ CookieͰར༻͞ΕΔϔομϑΟʔϧυ

69. Cookie ໊લ ಺༰ OBNFWBMVF $PPLJFʹ෇͚Δ໊લͱͦͷ஋ FYQJSFTEBUF $PPLJFͷ༗ޮظݶ
    ͜ͷଐੑ͕ͳ͍৔߹
    ηογϣϯ$PPLJFͱͯ͠ѻ͏ NBYBHFTFDPOET $PPLJFͷੜଘ࣌ؒΛඵ਺Ͱࢦఆ

    TFDVSF )5514Ͱ௨৴ͯ͠Δ৔߹ͷΈ$PPLJFΛૹ৴ IUUQPOMZ +BWB4DSJQU͔Βͷ$PPLJF΁ͷࢀর੍ݶʢ944Λ๷͙ͨΊʣ EPNBJO%0."*/@/".& $PPLJF͕ར༻͞ΕΔυϝΠϯ໊ QBUI1"5) $PPLJF͕ར༻͞ΕΔαʔό্ͷύε Set-CookieϔομϑΟʔϧυʹهड़͢Δଐੑ

70. ໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

71. ηογϣϯ • ηογϣϯ
 ؔ࿈ͷ͋Δ1࿈ͷॲཧͷ։͔࢝Βऴྃ·Ͱͷશظؒ ૹ৴ଆ ड৴ଆ ঎඼ΛબͿ OK ങ͍෺͔͝ʹೖΕΔ OK

    ങ͍෺͔͝ͷத਎Λ֬ೝ OK ܾࡁ OK ηογϣϯ ίωΫγϣϯ

72. ηογϣϯ • ෳ਺ͷΫϥΠΞϯτ͔ΒΞΫηε͞ΕΔWebαʔό͸, ηο γϣϯΛͲͷΑ͏ʹ؅ཧ͢Δͷ͔ʁ ‣ CookieΛ༻͍ͯηογϣϯΛ؅ཧ͢Δ ‣ Cookie͕࢖͑ͳ͍৔߹͸URLʹؚΊΔͱ͖΋͋Δ͕, ηΩϡ

    ϦςΟͷ໘͔Βਪ঑͞Εͳ͍ํ๏Ͱ͋Δ • ηογϣϯ؅ཧʹ͓͍ͯ, Webϒϥ΢βΛࣝผ͢ΔͨΊͷࣝผ ࢠ(id)ΛηογϣϯIDͱݺͿ ‣ ηογϣϯID͸WebαʔόͰੜ੒͞Ε, CookieʹؚΊͯWeb ϒϥ΢βʹૹ৴͞ΕΔ

73. ηογϣϯ 4*%BBBBBB 4*%CCCCCC webαʔό webϒϥ΢βB webϒϥ΢βA ηογϣϯ*% Ϣʔβʔ ϩάΠϯ ങ͍෺͔͝

    BBBBBB TBUP 536& Ξ΢λʔº
    γϟπº CCCCCC HVFTU '"-4& γϡʔζº දɿWebαʔό͕อଘ͍ͯ͠Δηογϣϯσʔλ

74. ηογϣϯ • ηογϣϯIDΛड͚औͬͯҎ߱͸, ϦΫΤετϔομʹ ηογϣϯIDΛؚΊͯૹ৴͢Δ͜ͱͰ, Webαʔόͱͷ ηογϣϯΛҡ࣋͢Δ͜ͱ͕ग़དྷΔ. • ʮങ͍෺͔͝ʹͳʹΛ͍Ε͔ͨʯͱݴͬͨ৘ใ͸, ηο

    γϣϯIDͱඥ෇͍ͯʮηογϣϯσʔλʯͱͯ͠Web αʔόʹอଘ͞ΕΔ.

75. ηογϣϯ webαʔό webϒϥ΢βA Set-Cookie:SID=aaaaaa Cookie:SID=aaaaaa CookieʹؚΊͯ౉͢ ϦϯΫͷURLʹؚΊΔ webαʔό webϒϥ΢βA http://example.com/cart?SID=aaaaaa

    ͱ͍͏ϦϯΫ෇͖ͷWebϖʔδΛૹ৴ ϦϯΫ͕ΫϦοΫ͞ΕΔͱ, ηογϣϯID෇͖ ͰWebαʔό΁ϦΫΤετ͕ૹ৴͞ΕΔ http://example.com/cart?SID=aaaaaa ηογϣϯIDΛURLͷύϥϝʔλͱͯ͠ૹ৴

76. ໨࣍ 9. HTTP/2Ͱͷվྑ఺ 10.HTTPSͷ࢓૊Έ 11.HTTPSͷ΍ΓͱΓ 12.εςʔτϑϧͱεςʔτϨε 13.Cookie 14.ηογϣϯ 15.URI

77. URI • URI(Uniform Resource Identifier)
 ৘ใ΍σʔλͱ͍ͬͨϦιʔεΛࣝผ͢Δهड़ํ๏ ‣ ಛʹ, Ϧιʔε͕ଘࡏ͢Δ৔ॴΛࣔ͢΋ͷΛ URL(Uniform

    Resource Locator)ͱ͍͏ • URIͷ͏ͪ, ৔ॴ͸໰ΘͣʹϦιʔεͷ໊લΛࣔ͢΋ͷΛ URN(Uniform Resource Name)ͱ͍͏ URIͷҰൠతͳදݱܗࣜ ʢεΩʔϜ໊ʣɿʢεΩʔϜ͝ͱͷදݱܗࣜʣ

78. URI εΩʔϜ εΩʔϜ͝ͱͷදݱܗࣜ IUUQ FYBNQMFDPNOFXTJOEFYIUNM
 FYBNQMFDPNʹ͋ΔOFXϑΥϧμ಺ͷJOEFYIUNMϑΝΠϧ GUQ FYBNQMFDPNEPDTOFXTEPD
 FYBNQMFDPNʹ͋ΔEPDTϑΥϧμ಺ͷOFXEPDϑΝΠϧ VSO

    JTCO
    JTCOίʔυͰࣔ͞ΕΔॻྨ VSO JFUGSGD
    JFUGʹΑͬͯ؅ཧ͞Ε͍ͯΔ3'$ͷॻྨ URIͷྫ εΩʔϜ໊ɿεΩʔϜ͝ͱͷදݱܗࣜ

79. URI • ϦΫΤετURI
 HTTPʹ͓͍ͯ΋, ϦιʔεΛಛఆ͢ΔͨΊʹURIΛར༻ ͍ͯ͠Δ. ઈରURIܗࣜͱ૬ରURIܗ͕ࣜ͋Δ ઈରURIͰͷදه ૬ରURIͰͷදه (&5
    IUUQFYBNQMFDPNOFXTJOEFYIUNM
    )551

    )PTU
    FYBNQMFDPN http͔Β࢝·ΔURIͰ, ϗετ໊ٴͼύε໊ͷશ͕ͯϦΫΤετߦʹهड़͞ΕΔ. HTTPϦΫΤετ͕ϓϩΩγαʔόΛܦ༝͢Δ৔߹, ઈରURI͕ར༻͞ΕΔ. (&5
    OFXTJOEFYIUNM
    )551 )PTU
    FYBNQMFDPN /͔Β࢝·ΔURIͰ, ύε໊ͷΈϦΫΤετߦʹهड़͞ΕΔ ௨ৗ͸૬ରURIΛར༻ͯ͠HTTPϦΫΤετ͕ૹ৴͞ΕΔ

80. URI • ύʔηϯτΤϯίʔσΟϯά
 URLͰར༻Ͱ͖Δจࣈ͸ఆΊΒΕ͓ͯΓ, ʮ༧໿จࣈʯ ͱʮඇ༧໿จࣈʯ͕ଘࡏ͢Δ. ‣ ༧໿จࣈ
 ҎԼͷΑ͏ͳ஋. ۠੾ΓͳͲͰ࢖ΘΕΔ

    reserved = gen-delims / sub-delims gen-delims = ":" / "/" / "?" / "#" / "[" / "]" / "@" sub-delims = "!" / "$" / "&" / "'" / "(" / ")" / "*" / "+" / "," / ";" / "=" Ҿ༻ɿhttps://tools.ietf.org/html/rfc3986#page-11

81. URI • ඇ༧໿จࣈ
 ਺ࣈ΍ΞϧϑΝϕοτͳͲࣗ༝ʹURIʹ࢖༻Ͱ͖ΔจࣈͰ, Ξϧ ϑΝϕοτͷେจࣈখจࣈ, ਺ࣈ, ϋΠϑϯ, υοτ, Ξϯμʔε

    ίΞ, νϧμؚ͕·ΕΔ
 • URIͰ͸ඇ༧໿จࣈ͔ࣗ͠༝ʹ࢖͏͜ͱ͕Ͱ͖ͳ͍ ‣ ༧໿จࣈ, ඇ༧໿จࣈҎ֎ͷจࣈΛURIͰར༻͢Δ৔߹, ύʔ ηϯτΤϯίʔσΟϯάͱ͍͏ํ๏Λ༻͍ͯΤϯίʔυ͢ Δඞཁ͕͋Δ unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"

82. URI • ύʔηϯτΤϯίʔσΟϯάͰ͸, ʮ%ʯʹ͍ͭͮͯจ ࣈίʔυΛ16ਐ਺Ͱදͨ͠ܗʹม׵͞ΕΔ จࣈίʔυ ύʔηϯτΤϯίʔσΟϯάޙ 4IJGU+*4 ""7#$ &6$+1

    """"$##" 65' &&&" &&% “͍͍ఱؾ”ΛύʔηϯτΤϯίʔσΟϯά͢Δྫ

83. URI • ੜ੒͞ΕͨURI͸, ৗʹύʔηϯτΤϯίʔσΟϯά͞ Εͨঢ়ଶͰ͋Δ. ‣ ࣍ͷΑ͏ͳ΋ͷ͸URIͱͯ͠ೝΊΒΕͳ͍ • ෳ਺ճσίʔυͯ͠͸͍͚ͳ͍ http://example.com?foo=;ʔ&bar=%E3%81%B0%E3%83%BC

84. ༨ஊ

85. ༨ஊ • ͳΜͰHTTP/2.0͡Όͳͯ͘HTTP/2ͳͷʁ
 The Working Group decided to drop the

    minor version (“.0”) because it has caused a lot of confusion in HTTP/1.x. In other words, the HTTP version only indicates wire compatibility, not feature sets or “marketing.” ‣ ϓϩτίϧͷޓ׵ੑ͚ͩΛද͢ͱ͸Ͳ͏͍͏͜ͱͳΜ Ͱ͠ΐ͏͔ʁ ‣ ͋ͱͲΜͳޡղ͕͋ͬͨΜͩΖ͏… Ҿ༻ɿhttps://http2.github.io/faq/#is-it-http20-or-http2

86. ࢀߟαΠτ౳

87. ࢀߟαΠτ౳ • HTTP/2 Frequently Asked Questions
 https://http2.github.io/faq/ • HTTP/2ͷ֓ཁ
 https://developers.google.com/web/fundamentals/

    performance/http2 • HPACK:Header Compression for HTTP/2
 https://tools.ietf.org/html/rfc7541 • HTTP/2 ೖ໳
 https://techblog.yahoo.co.jp/infrastructure/http2/ introduction_to_http2/

88. ࢀߟαΠτ౳ • SSLͱTLSͷҧ͍ͱ͸
 https://ssl.sakura.ad.jp/column/ssl_tls/ • SSLΛཧղ͢ΔͨΊͷجૅωΰγΤʔγϣϯ[PDF]
 https://www.jp.websecurity.symantec.com/welcome/pdf/ wp_ssl_negotiation.pdf • HTTPSͷৄࡉ


    http://www.atmarkit.co.jp/ait/articles/1704/13/news030.html • Uniform Resource Identifier(URI): Generic Syntax
 https://tools.ietf.org/html/rfc3986