あたらしいHTTPの話をしよう

৽͍͠)551ͷ࿩Λ͠Α͏ 3 Jul, 2014 @iogi

)551 )ZQFSUFYU5SBOTGFS1SPUPDPMWFSTJPO  ESBGUJFUGIUUQCJTIUUQ

͡Όͳͯ͘

৽͍͠)551

IUUQTXXXNOPUOFUCMPHSGD@JT@EFBE

3'$ w 3'$)ZQFSUFYU5SBOTGFS1SPUPDPM)551 w ೥݄ʹϦϦʔε͞Εͨɻ೥લ

*&5')551CJT8( w )551ͷඪ४ԽΛߦ͍ͬͯΔϫʔΩϯάάϧʔϓ w ฒߦͯ͠)551ͷվగ΋ߦ͍ͬͯΔ

3'$JTEFBE w 3'$͸PCTPMFUF ഇࢭ ʹϚʔΫ͞Εɺஔ͖׵ΘΔ 3'$ͷͭͷ3'$͕ެ։

3'$ w 3'$.FTTBHF4ZOUBYBOE3PVUJOHMPXMFWFMNFTTBHF QBSTJOHBOEDPOOFDUJPONBOBHFNFOU w 3'$4FNBOUJDTBOE$POUFOUNFUIPET TUBUVTDPEFT BOEIFBEFST w 3'$$POEJUJPOBM3FRVFTUTFH
*G.PEJpFE4JODF w 3'$3BOHF3FRVFTUTHFUUJOHQBSUJBMDPOUFOU w 3'$$BDIJOHCSPXTFSBOEJOUFSNFEJBSZDBDIFT w 3'$"VUIFOUJDBUJPOBGSBNFXPSLGPS)551 BVUIFOUJDBUJPO

3'$ w 3'$"VUIFOUJDBUJPO4DIFNF3FHJTUSBUJPOT w 3'$.FUIPE3FHJTUSBUJPOT w 3'$UIFTUBUVTDPEF w 3'$'PSXBSEFE)551FYUFOTJPO

Կ͕มΘͬͨͷ w ηΩϡϦςΟ্໰୊ͱͳ͍ͬͯͨ෦෼ͷमਖ਼ w 3'$Ͱ͸ແ͍΋ͷͷσϑΝΫτελϯμʔυͱͳ͍ͬͯͨ΋ ͷΛఆٛ w ֤3'$ ͷ෇࿥ʹ͸ɺ3'$͔Βͷมߋ఺͕ॻ
͔Ε͍ͯΔͷͰ֬ೝ

3'$.FTTBHF4ZOUBYSPVUJOH ओʹSFpOFNFOU w )551ͷ)551͕େจࣈʹݶఆɺόʔδϣϯ਺ࣈ͕ͦΕͧ Εܻʹݶఆ ࣮૷͕ଟܻΛαϙʔτͰ͖ͯͳ͍͔Β w ϔομͷෆਖ਼ͳXIJUFTQBDF΍ෳ਺ߦϔομΛഇࢭ w CPEZͷMFOHUIͷܭࢉํ๏Λಛघέʔε΋ؚΊ໌֬Խ
w $IVOL-FOHUI͸DIVODLIFBEFSͱUSBJMFSΛؚΊͳ͍Α͏ʹ w $POOFDUJPODMPTFͷૹ৴࣌ͷಈ࡞Λ໌֬Խ

3'$4FNBOUJDTBOE$POUFOU w EFGBVMUDIBSTFU *40 ͷഇࢭ w 3FGFSFS w 4BNF0SJHJOͰ͸ϦϑΝϥΛૹΔ΂͖ w
BCPVUCMBOL͕௥ՃɻϦϑΝϥΛམͱ͍ͯ͠ΔͷͰ͸ແ͘ɺ ໌ࣔతʹଘࡏ͠ͳ͍͜ͱΛએݴ͢Δ w Ұ؏ੑͷͨΊ(&5ϦΫΤετ͕CPEZΛ࣋ͭ͜ͱΛڐՄ w εςʔλεͷΩϟογϡΛڐՄ w $POUFOU.%ϔομͷ࡟আ

$POUFOU.%ͷഇࢭ w 5IF$POUFOU.%IFBEFSpFMEIBTCFFOSFNPWFECFDBVTFJU XBTJODPOTJTUFOUMZJNQMFNFOUFEXJUISFTQFDUUPQBSUJBM SFTQPOTFT w 41VU0CKFDU࣌ʹɺQBZMPBEͷݕূʹ࢖͏͜ͱ͕Ͱ͖Δ 0QUJPOBM w
IUUQEPDTBXTBNB[PODPN"NB[PO4MBUFTU"1* 3&450CKFDU165IUNM

3'$<>ओʹSFpOFNFOU w 3'$$POEJUJPOBM3FRVFTUT w *G.PEJpFE4JODF౳ͷ৚݅෇͖ϦΫΤετͷఆٛ w 3'$3BOHF3FRVFTUT w 3BOHF3FRVFTUͷఆٛ w
3'$$BDIJOH w $POUFOU$BDIFͷఆٛ w 3'$"VUIFOUJDBUJPO w ΈΜͳେ޷͖#BTJD%JHFTUೝূͳͲͷτϐοΫ

3'$"VUIFOUJDBUJPO4DIFNF3FHJTUSBUJPOT w ೝূͷछྨΛఆ͍ٛͯ͠Δ͚ͩ ! +----------------+------------+-------------------------------------+! | Authentication | Reference |
Notes |! | Scheme Name | | |! +----------------+------------+-------------------------------------+! | Basic | [RFC2617], | |! | | Section 2 | |! | Bearer | [RFC6750] | |! | Digest | [RFC2617], | |! | | Section 3 | |! | Negotiate | [RFC4559], | This authentication scheme violates |! | | Section 3 | both HTTP semantics (being |! | | | connection-oriented) and syntax |! | | | (use of syntax incompatible with |! | | | the WWW-Authenticate and |! | | | Authorization header field syntax). |! | OAuth | [RFC5849], | |! | | Section | |! | | 3.5.1 | |! +----------------+------------+-------------------------------------+!

3'$*OJUJBM)551.FUIPE3FHJTUSBUJPOT w ͪ͜Β͸)551ͷϝιουͷ௥Ճఆٛͱ͍͏໊͔લͷ༧໿ w ओʹ8FC%BWͷϝιου

3'$4UBUVT$PEF 1FSNBOFOU3FEJSFDU w ৽͍͠ϦμΠϨΫτεςʔλε w ӬଓతͳϦμΠϨΫτ࣌ʹ1045ͷ಺༰ΛϦμΠϨΫτઌʹ ૹ৴ ! !
! ! w ඇରԠͷϒϥ΢β͕Ͳ͏ղऍ͢Δ͔ɺ·ͨඇରԠͷϒϥ΢β ΛαʔόଆͰ൑அͰ͖Δͷ͔ɺΉ͍ͣͱ͜Ζ Ӭଓత Ұ࣌త POST͔ΒGET΁ͷϝιουมߋΛڐՄ 301 302 POST͔ΒGET΁ͷมߋΛڐՄ͠ͳ͍ 308 307

YSFEJSFDUSFTQPOTFT w .PWFE1FSNBOFOUMZ߃ٱతͳϦμΠϨΫτ w 'PVOEݩʑ͸.PWFE5FNQPSBSJMZ͕ͩͬͨɺܝࣔ൘΍8JLJͳͲ Ͱ౤ߘޙʹϒϥ΢βΛଞͷ63-ʹసૹ͍ͨ͠ͱ͖ʹ΋͜ͷίʔυ͕ ࢖༻͞ΕΔΑ͏ʹͳͬͨͨΊɺ͸'PVOEʹͳΓɺ৽ͨʹ ͕࡞੒͞Εͨɻ w
4FF0UIFSଞΛࢀরͤΑɻϦΫΤετͨ͠Ϧιʔε͸͔֬ʹͦ ͷ63-ʹ͋Δ͕ɺଞͷϦιʔεΛ΋ͬͯϨεϙϯεͱ͢ΔΑ͏ͳ৔ ߹ʹ࢖༻͢Δɻ ܝࣔ൘ͷ౤ߘޙʹଞͷ63-ʹసૹ͍ͨ͠ͱ͖ʹ࢖Θ ΕΔ΂͖ίʔυͱͯ͠ಋೖ͞Εͨɻ w 5FNQPSBSZ3FEJSFDUҰ࣌తͳϦμΠϨΫτɻͷຊདྷͷ࢖༻ ๏ΛվΊͯఆٛͨ͠΋ͷɻ

3'$'PSXBSEFE)551&YUFOTJPO w 'PSXBSEFEϔομͷඪ४Խ w 9'PXBSEFE'PS 9'PSXBSEFE1SPUP౳ͷϔομ͸ɺ9͕෇͍ ͍ͯΔͱ͓Γɺ3'$ඪ४ϔομͰ͸ͳ͍͕ɺσϑΝΫτελ ϯμʔυͱͳ͍ͬͯΔ w ݩʑ͸4RVJE͕ಋೖͨ͠
8JLJQFEJB w ඇඪ४Ώ͑ʹɺରԠঢ়گ͕·ͪ·ͪɺ'PSʹෳ਺ྻڍ͞Εͯ ͍Δͱࣦഊ͢ΔɺηΩϡϦςΟ্ͷݒ೦ͳͲ͍Ζ͍Ζ͋ͬͨ

'PSXBSEFEϔομ w lCZ͸ϦΫΤετΛड͚ͨϓϩΩγͷ$VTUPNFS'BDJOHଆͷ ࣝผࢠ w GPS͸ϦΫΤετݩ 9''ͱಉ͡ w lIPTUz͸ϓϩΩγ͕ड͚ͨ)PTUϔομ
w lQSPUP͸ϓϩΩγ͕ड͚ͨϓϩτίϧ ! ! ! Forwarded: for="_gazonk"! Forwarded: For="[2001:db8:cafe::17]:4711"! Forwarded: for=192.0.2.60;proto=http;by=203.0.113.43! Forwarded: for=192.0.2.43, for=198.51.100.17

BEEJUJPOBMJEFOUJpFST w zVOLOPXOzࣝผࢠ w ୭͔Β͔͸஌Βͳ͍͚Ͳసૹͨ͠ͱ͍͏͜ͱΛ໌͍ࣔͨ͠ ͱ͖ʹ*1ɺϗετ໊ͷ୅ΘΓʹ࢖͏ w 0CGVTDBUFE*EFOUJpFS ΅͔ͨࣝ͠ผࢠ
w ಺෦*1ΞυϨεΛൿີʹ͍͚ͨ͠Ͳɺσόοά༻్ʹ 'PSXBSEFEϔομΛग़ྗ͍ͨ͠ͱ͖ʹ@ VOEFSTDPSF ͔Β ࢝·ΔJEFOUJpFSΛ࢖͑Δ    Forwarded: for=_hidden, for=_SEVKISEK

9'PSXBSEFE͔ΒͷҠߦ w "QBDIF౳αʔόଆ͕ରԠ͞ΕͨΒฒߦͯ͠1SPYZଆͰ΋ରԠ ͞Ε͍ͯ͘ͷͰ͸ w 9'PXBSEFEͷϔομͱڞଘͰ͖ΔͷͰɺ྆ํग़ྗͯ͠͠ ·͏ͷ΋͋Γ w બ୒Ͱ͖ΔΑ͏ʹ͢Δ

·ͱΊ w ࠓ·Ͱࣄ࣮ඪ४ͱͳ͍ͬͯͨ΋ͷ͕ɺඪ४Խ͞ΕΔ w ͚Ͳɺόʔδϣϯ͸ಉ͡)551 ۠ผͰ͖ͳ͍ w ΫϥΠΞϯτଆɺαʔόଆͰରԠ༗ແ΍ɺϑΥʔϧόοΫ౳ ͰҰ෦ࠞཚ͢Δ͜ͱ͕͋Δ͔΋͠Εͳ͍
w ਖ਼͍͠ಓΛఆ͍ٛͯ͠Δͷ͸Α͍

あたらしいHTTPの話をしよう

あたらしいHTTPの話をしよう

Ippei Ogiwara

More Decks by Ippei Ogiwara

Other Decks in Technology

Featured

Transcript

৽͍͠)551ͷ࿩Λ͠Α͏ 3 Jul, 2014 @iogi

)551 )ZQFSUFYU5SBOTGFS1SPUPDPMWFSTJPO  ESBGUJFUGIUUQCJTIUUQ

͡Όͳͯ͘

৽͍͠)551

IUUQTXXXNOPUOFUCMPHSGD@JT@EFBE

3'$ w 3'$)ZQFSUFYU5SBOTGFS1SPUPDPM)551 w ೥݄ʹϦϦʔε͞Εͨɻ೥લ

*&5')551CJT8( w )551ͷඪ४ԽΛߦ͍ͬͯΔϫʔΩϯάάϧʔϓ w ฒߦͯ͠)551ͷվగ΋ߦ͍ͬͯΔ

3'$JTEFBE w 3'$͸PCTPMFUF ഇࢭ ʹϚʔΫ͞Εɺஔ͖׵ΘΔ 3'$ͷͭͷ3'$͕ެ։

3'$ w 3'$.FTTBHF4ZOUBYBOE3PVUJOHMPXMFWFMNFTTBHF QBSTJOHBOEDPOOFDUJPONBOBHFNFOU w 3'$4FNBOUJDTBOE$POUFOUNFUIPET TUBUVTDPEFT BOEIFBEFST w 3'$$POEJUJPOBM3FRVFTUTFH

3'$ w 3'$"VUIFOUJDBUJPO4DIFNF3FHJTUSBUJPOT w 3'$.FUIPE3FHJTUSBUJPOT w 3'$UIFTUBUVTDPEF w 3'$'PSXBSEFE)551FYUFOTJPO

Կ͕มΘͬͨͷ w ηΩϡϦςΟ্໰୊ͱͳ͍ͬͯͨ෦෼ͷमਖ਼ w 3'$Ͱ͸ແ͍΋ͷͷσϑΝΫτελϯμʔυͱͳ͍ͬͯͨ΋ ͷΛఆٛ w ֤3'$ ͷ෇࿥ʹ͸ɺ3'$͔Βͷมߋ఺͕ॻ

3'$.FTTBHF4ZOUBYSPVUJOH ओʹSFpOFNFOU w )551ͷ)551͕େจࣈʹݶఆɺόʔδϣϯ਺ࣈ͕ͦΕͧ Εܻʹݶఆ ࣮૷͕ଟܻΛαϙʔτͰ͖ͯͳ͍͔Β w ϔομͷෆਖ਼ͳXIJUFTQBDF΍ෳ਺ߦϔομΛഇࢭ w CPEZͷMFOHUIͷܭࢉํ๏Λಛघέʔε΋ؚΊ໌֬Խ

3'$4FNBOUJDTBOE$POUFOU w EFGBVMUDIBSTFU *40 ͷഇࢭ w 3FGFSFS w 4BNF0SJHJOͰ͸ϦϑΝϥΛૹΔ΂͖ w

$POUFOU.%ͷഇࢭ w 5IF$POUFOU.%IFBEFSpFMEIBTCFFOSFNPWFECFDBVTFJU XBTJODPOTJTUFOUMZJNQMFNFOUFEXJUISFTQFDUUPQBSUJBM SFTQPOTFT w 41VU0CKFDU࣌ʹɺQBZMPBEͷݕূʹ࢖͏͜ͱ͕Ͱ͖Δ 0QUJPOBM w

3'$<>ओʹSFpOFNFOU w 3'$$POEJUJPOBM3FRVFTUT w *G.PEJpFE4JODF౳ͷ৚݅෇͖ϦΫΤετͷఆٛ w 3'$3BOHF3FRVFTUT w 3BOHF3FRVFTUͷఆٛ w

3'$"VUIFOUJDBUJPO4DIFNF3FHJTUSBUJPOT w ೝূͷछྨΛఆ͍ٛͯ͠Δ͚ͩ ! +----------------+------------+-------------------------------------+! | Authentication | Reference |

3'$*OJUJBM)551.FUIPE3FHJTUSBUJPOT w ͪ͜Β͸)551ͷϝιουͷ௥Ճఆٛͱ͍͏໊͔લͷ༧໿ w ओʹ8FC%BWͷϝιου

3'$4UBUVT$PEF 1FSNBOFOU3FEJSFDU w ৽͍͠ϦμΠϨΫτεςʔλε w ӬଓతͳϦμΠϨΫτ࣌ʹ1045ͷ಺༰ΛϦμΠϨΫτઌʹ ૹ৴ ! !

YSFEJSFDUSFTQPOTFT w .PWFE1FSNBOFOUMZ߃ٱతͳϦμΠϨΫτ w 'PVOEݩʑ͸.PWFE5FNQPSBSJMZ͕ͩͬͨɺܝࣔ൘΍8JLJͳͲ Ͱ౤ߘޙʹϒϥ΢βΛଞͷ63-ʹసૹ͍ͨ͠ͱ͖ʹ΋͜ͷίʔυ͕ ࢖༻͞ΕΔΑ͏ʹͳͬͨͨΊɺ͸'PVOEʹͳΓɺ৽ͨʹ ͕࡞੒͞Εͨɻ w

3'$'PSXBSEFE)551&YUFOTJPO w 'PSXBSEFEϔομͷඪ४Խ w 9'PXBSEFE'PS 9'PSXBSEFE1SPUP౳ͷϔομ͸ɺ9͕෇͍ ͍ͯΔͱ͓Γɺ3'$ඪ४ϔομͰ͸ͳ͍͕ɺσϑΝΫτελ ϯμʔυͱͳ͍ͬͯΔ w ݩʑ͸4RVJE͕ಋೖͨ͠

'PSXBSEFEϔομ w lCZ͸ϦΫΤετΛड͚ͨϓϩΩγͷ$VTUPNFS'BDJOHଆͷ ࣝผࢠ w GPS͸ϦΫΤετݩ 9''ͱಉ͡ w lIPTUz͸ϓϩΩγ͕ड͚ͨ)PTUϔομ

BEEJUJPOBMJEFOUJpFST w zVOLOPXOzࣝผࢠ w ୭͔Β͔͸஌Βͳ͍͚Ͳసૹͨ͠ͱ͍͏͜ͱΛ໌͍ࣔͨ͠ ͱ͖ʹ1ɺϗετ໊ͷ୅ΘΓʹ࢖͏ w 0CGVTDBUFEEFOUJpFS ΅͔ͨࣝ͠ผࢠ

9'PSXBSEFE͔ΒͷҠߦ w "QBDIF౳αʔόଆ͕ରԠ͞ΕͨΒฒߦͯ͠1SPYZଆͰ΋ରԠ ͞Ε͍ͯ͘ͷͰ͸ w 9'PXBSEFEͷϔομͱڞଘͰ͖ΔͷͰɺ྆ํग़ྗͯ͠͠ ·͏ͷ΋͋Γ w બ୒Ͱ͖ΔΑ͏ʹ͢Δ

·ͱΊ w ࠓ·Ͱࣄ࣮ඪ४ͱͳ͍ͬͯͨ΋ͷ͕ɺඪ४Խ͞ΕΔ w ͚Ͳɺόʔδϣϯ͸ಉ͡)551 ۠ผͰ͖ͳ͍ w ΫϥΠΞϯτଆɺαʔόଆͰରԠ༗ແ΍ɺϑΥʔϧόοΫ౳ ͰҰ෦ࠞཚ͢Δ͜ͱ͕͋Δ͔΋͠Εͳ͍