Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Androidセキュアな開発について考えてみた(明日敗訴しないためのセキュアコーディングver.2)

Kengo Suzuki
March 13, 2016
Programming
0
450

 Androidセキュアな開発について考えてみた(明日敗訴しないためのセキュアコーディングver.2)

Kengo Suzuki

March 13, 2016
Tweet

More Decks by Kengo Suzuki

See All by Kengo Suzuki
信頼性に挑む中で拡張できる・得られる1人のスキルセットとは?
ken5scal
2
540
Eventual Detection Engineering
ken5scal
0
1.8k
脆弱性対応をこの先生きのこるには
ken5scal
0
940
LayerXとMDMのリスク評価と年次対応の実例(公開版)
ken5scal
2
1.1k
AWSだ! Google Cloudだ! Azureだ! 認証連携だ!
ken5scal
9
2k
適応し続けるプロダクトとセキュリティ
ken5scal
5
2k
同志諸君よ、ゼロトラストを撃て_CloudNativeDays2022
ken5scal
2
3.2k
なぜLayerXのセキュリティでSoftware指向が重視されているか
ken5scal
0
310
暇だしDevSecOpsやってみた - CodePipeline Now and Then
ken5scal
3
5.6k

Other Decks in Programming

See All in Programming
Hotwire or React? ~アフタートーク・本編に含めなかった話~ / Hotwire or React? after talk
harunatsujita
1
120
Jakarta EE meets AI
ivargrimstad
0
670
距離関数を極める! / SESSIONS 2024
gam0022
0
290
Less waste, more joy, and a lot more green: How Quarkus makes Java better
hollycummins
0
100
とにかくAWS GameDay!AWSは世界の共通言語! / Anyway, AWS GameDay! AWS is the world's lingua franca!
seike460
PRO
1
900
カンファレンスの「アレ」Webでなんとかしませんか? / Conference “thing” Why don't you do something about it on the Web?
dero1to
1
100
CSC509 Lecture 12
javiergs
PRO
0
160
ローコードSaaSのUXを向上させるためのTypeScript
taro28
1
630
ECS Service Connectのこれまでのアップデートと今後のRoadmapを見てみる
tkikuc
2
250
『ドメイン駆動設計をはじめよう』のモデリングアプローチ
masuda220
PRO
8
540
Tauriでネイティブアプリを作りたい
tsucchinoko
0
370
Better Code Design in PHP
afilina
PRO
0
130

Featured

See All Featured
Build The Right Thing And Hit Your Dates
maggiecrowley
33
2.4k
Building Flexible Design Systems
yeseniaperezcruz
327
38k
Navigating Team Friction
lara
183
14k
Embracing the Ebb and Flow
colly
84
4.5k
The Pragmatic Product Professional
lauravandoore
31
6.3k
GitHub's CSS Performance
jonrohan
1030
460k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
226
22k
Faster Mobile Websites
deanohume
305
30k
Speed Design
sergeychernyshev
25
620
Statistics for Hackers
jakevdp
796
220k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
Making the Leap to Tech Lead
cromwellryan
133
8.9k

Transcript

  1. "OESPJEηΩϡΞ։ൃ ʹ͍ͭͯߟ͑ͯΈͨ ླ໦ɹݚޗ ໌೔ɺഊૌ͠ͳ͍ͨΊͷηΩϡΞίʔσΟϯάWFS

  2. "CPVU.F w ໊લ w 5XJUUFS!LFOHPTDBM w (JUIVCLFOTDBM w ৬ྺ w

    ηΩϡϦςΟܥ ೥݄ʙ  w .POFZ'PSXBSEॴଐʢ೥݄ʙʣ

  3. ࢲͱ"OESPJE w ೥݄͔Β"OESPJE։ൃʹࢀՃ w -PMMJQPQ͔Β w ઌഐ։ൃऀ͕ܦݧͨ͠ਏ͞Λ఻આͱͯ͠ͷΈ஌Δ

  4. ࠓճ࿩͢͜ͱͷٕज़తൣғ

  5. Ξ΢τϥΠϯ w എܠ w Ͳ͔͜ΒηΩϡΞ։ൃΛֶͿ͔ʁ w ݱঢ়ͷ՝୊ w ઃܭϑΣʔζɺ࣮૷ϑΣʔζɺӡ༻ϑΣʔζ w

    ·ͱΊ

  6. ૌু w ొ৔ਓ෺ w "ࣾൃ஫ଆɻ&ίϚʔεͷड஫γεςϜΛઃܭʙอकࠐΈͰܖ໿ w #ࣾ։ൃଆʢड஫ଆ  w ࣄ݅

    w ίʔυϨϕϧͰͷηΩϡϦςΟରࡦෆ଍ʹΑΓΫϨΧ৘ใ͕ྲྀग़ w "ࣾ͸#ࣾΛz࠴຿ෆཤߦͱଛ֐ഛঈͰຽࣄૌু w ͨͩ͠ܖ໿ʹ͸ຊ݅΢ΣϒαΠτͷηΩϡϦςΟରࡦΛߨ͡Δٛ ຿Λෛ͏͜ͱ͸نఆ͞Ε͍ͯͳ͔ͬͨ <Ҿ༻>IUUQXXXTPGUJDPSKQTFNJ@PQQEG

  7. ݁Ռ ʊਓਓਓਓਓʊ ʼɹ#ࣾഊૌʻ ʉ:?:?:?:ʉ ʊਓਓਓਓਓਓਓਓਓਓਓʊ ʼ໿ສԁͷଛ֐ഛঈʻ ʉ:?:?:?:?:?:?:?:?:ʉ

  8. ൑ܾ w *1"ܦ࢈ল͕ಛఆͷ߈ܸʹର͢ΔରࡦΛਪ঑͍ͯ͠ ͨΊɺzඃࠂʹ͸ॏաࣦ͕ೝΊΒΕΔͱ͍͏΂͖zͱ ͞Εͨɻ <Ҿ༻>IUUQXXXTPGUJDPSKQTFNJ@PQQEG

  9. ݁ہ w ୭΋ಘ͠ͳ͍݁Ռʹͳͬͨ

  10. ୭ಘ w "ࣾʢൃ஫ଆʣ w Ϣʔβʔଛࣦɺ৴༻ࣦ௢ɺରԠඅ༻ͳͲͳͲͷଛ

  11. ୭ಘ w #ࣾʢड஫ଆʣ w ଛ֐ഛঈɺ৴༻ࣦ௢ͳͲͳͲͷଛ

  12. ͳʹΑΓ w Ϣʔβʔʂɹ w ࣗ෼ͷ৘ใ͕ྲྀग़͢Δͱ͍͏ଛ w ࿙Ӯൃ֮࣌ͷରԠΛ͠ͳ͚Ε͹͍͚ͳ͍ଛ w ຊ౰ʹϝϯυ͍͘͞Ͱ͢ʢ࣮ମݧʣ w

    ࿙Ӯ༗ແͷ֬ೝɺ࿙Ӯൣғͷ֬ೝɺ࿙Ӯ಺༰ͷ֬ೝɺ ࿙Ӯ৘ใͷӨڹͷ൑அɺ࿙Ӯ৘ใͷมߋґཔɺ࿙Ӯ ରࡦͷ֬ೝ FUDFUD

  13. ͳͷͰ w ηΩϡϦςΟؾʹͨ͠։ൃ͠Α͏ʂ w օͰ޾ͤʹͳΓ͍ͨ w ੬ऑੑ͸όάͳͷͰ඼࣭޲্ʹۈΊΑ͏ʂ

  14. Ξ΢τϥΠϯ w എܠ w Ͳ͔͜ΒηΩϡΞ։ൃΛֶͿ͔ʁ w ݱঢ়ͷ՝୊ w ઃܭϑΣʔζɺ࣮૷ϑΣʔζɺӡ༻ϑΣʔζ w

    ·ͱΊ

  15. ·ͣ͸ w ηΩϡΞίʔσΟϯάʂ

  16. ౰વɺ*1"͔Β୳ͯ͠ΈΔ

  17. *1"ͷ"OESPJEֶशπʔϧ w ֶशɾ఺ݕπʔϧ͕͋ͬͨʂ w ͕͢͞*1"ɹͦ͜ʹᙺΕΔʂɹಌΕΔ <Ҿ༻*1"৘ใॲཧਪਐػߏ>IUUQTXXXJQBHPKQTFDVSJUZWVMOBODPMF

  18. Ͱ΋ɾɾɾ

  19. Ͱ΋ɾɾɾ

  20. Ͱ΋ɾɾɾ

  21. Ͱ΋ɾɾɾ

  22. ͜ͷੈʹر๬͸ͳ͍ͷ͔ʜ

  23. ر๬ ॻ੶ ͋Γ·ͨ͠

  24. w "OESPJE4FDVSJUZ҆શͳΞϓϦέʔγϣϯΛ࡞ ੒͢ΔͨΊʹ ஶλΦιϑτ΢ΣΞגࣜձࣾ ر๬ʢॻ੶ʣͦͷ w แׅతͳηΩϡϦςΟ։ൃͷϙΠϯτ w ηΩϡϦςΟ։ൃͷೖ໳ͱͯ͠࠷ద w

    ࡴΒΕͨࣄྫΛ঺հ w ࣮૷΋هࡌ w ͪΐͬͱੲ ೥

  25. ر๬ʢॻ੶ʣͦͷ w ࠷ڧ w ߋʹηΩϡΞʹ͍ͨ͠ਓ޲͚ w έʔεʹԠͨ͡ΨΠυ͕خ͍͠ w αϯϓϧίʔυ΋๛෋ w

    ࠷৽ͷόʔδϣϯΛ௥ै w ແྉ w ۀքج४Ͱ͸ͳ͍ w "OESPJEΞϓϦͷηΩϡΞઃܭɾηΩϡΞίʔσΟ ϯάΨΠυ ஶ+44&$

  26. ͜ΕͰ"OESPJEքͷॅਓ͸ कΒΕͨ

  27. ׬

  28. ׬

  29. ͜ΕͰ"OESPJEքͷॅਓ͸ कΒΕͨͯͳ͔ͬͨ

  30. ਺஋͔ΒݟΔηΩϡϦςΟ w ґવɺͷΞϓϦʹ੬ऑੑϦεΫ͕ଘࡏ w ҉߸௨৴͕ղಡɾվ͟Μ͞ΕΔϦεΫͷ͋ΔΞϓϦ ͸૿Ճ <Ҿ༻4POZ%JHJUBM/FUXPSL"QQMJDBUJPO>"OESPJE੬ऑੑௐࠪϨϙʔτ

  31. ࣄྫ͔ΒݟΔηΩϡϦςΟ <Ҿ༻'JSF&ZF>IUUQTXXXpSFFZFDPNCMPHUISFBUSFTFBSDI BOPUIFS@QPQVMBS@BOESIUNM w -PH$BUʹػີ৘ใΛྲྀͯͨ͠ w τʔΫϯͳͲΛฏจͰωοτʹͳ ͕ͯͨ͠ w τʔΫϯ͕ӬଓԽ͞Ε͍ͯͨ

    w ύεϫʔυ͕ऑ͍҉߸ํࣜͰ҉߸ Խ͞Εͯͨ

  32. ࣄྫ͔ΒݟΔηΩϡϦςΟ <Ҿ༻'JSF&ZF>IUUQTXXXpSFFZFDPNCMPHUISFBUSFTFBSDI BOPUIFS@QPQVMBS@BOESIUNM w 8FC7JFX্ͷ௨৴ͰIUUQ௨৴ Λ࢖ͬͯͨͷͰɺ௨৴Λվ᜵͞ ΕΔ

  33. ॻ੶ͷΧόʔൣғͳͷʹ ͳͥʁ

  34. Ξ΢τϥΠϯ w എܠ w Ͳ͔͜ΒηΩϡΞ։ൃΛֶͿ͔ʁ w ݱঢ়ͷ՝୊ w ઃܭϑΣʔζɺ࣮૷ϑΣʔζɺӡ༻ϑΣʔζ w

    ·ͱΊ

  35. "OESPJEͷηΩϡϦςΟൣғ w ൣғ w ϑΝΠϧΞΫηεݖݶɺ"1,ϑΝΠϧอޢɺύʔ ϛογϣϯɺ"DUJWJUZ #SPBEDBTU 4FSWJDF  $POUFOU1SPWJEFSɺΠϯςϯτɺ҉߸Խɺ

    42-JUFɺ-PHDBU 8FC7JFX "DDPVOU.BOHFS  IUUQT ϓϥΠόγʔ৘ใɺύεϫʔυೖྗը໘  ΞϓϦέʔγϣϯอޢ ূ໌ॻ ৽͍͠ 1FSNJTTJPO $MJQCPBSE FUD FUD

  36. "OESPJEͷηΩϡϦςΟൣғ w ൣғ w ϑΝΠϧΞΫηεݖݶɺ"1,ϑΝΠϧอޢɺύʔ ϛογϣϯɺ"DUJWJUZ #SPBEDBTU 4FSWJDF  $POUFOU1SPWJEFSɺΠϯςϯτɺ҉߸Խɺ

    42-JUFɺ-PHDBU 8FC7JFX "DDPVOU.BOHFS  IUUQT ϓϥΠόγʔ৘ใɺύεϫʔυೖྗը໘  ΞϓϦέʔγϣϯอޢ ূ໌ॻ ৽͍͠ 1FSNJTTJPO $MJQCPBSE FUD FUD ɾɾɾώϩ͘Ͷ

  37. ։ൃऀͷ੹೚ൣғ w ηΩϡϦςΟൣғ w ϑΝΠϧΞΫηεݖݶɺ"1,ϑΝΠϧอޢɺύʔϛογϣϯɺ"DUJWJUZ  #SPBEDBTU 4FSWJDF $POUFOU1SPWJEFSɺΠϯςϯτɺ҉߸Խɺ42-JUFɺ -PH$BU

    8FC7JFX "DDPVOU.BOHFS IUUQT ϓϥΠόγʔ৘ใɺύεϫʔυ ೖྗը໘ ΞϓϦέʔγϣϯอޢ ূ໌ॻͷ؅ཧํ๏ ৽͍͠1FSNJTTJPO  $MJQCPBSE FUD FUD w ʹՃ͑ͯ ࣗ෼ͷମݧྫ  w ৽ن։ൃʢ໿̎ϲ݄ʣɺαʔϏεͷ,1*ʹԊ࣮ͬͨ૷ͷఏҊ શମͷઃܭ ίϯ ϙʔωϯτͷϥΠϑαΠΫϧΛߟྀͨ͠σʔλͷ΍ΓऔΓ ΧελϜ7JFXͷ࡞ ੒ σβΠφʔͱͷࣗࣾϒϥϯυͱ.BUFSJBM%FTJHOΨΠυʹԊͬͨσβΠϯͷ ݕ౼ɺ8FCଆ୲౰ऀͱͷ"1*࢓༷ݕ౼ ΧελϚʔαϙʔτ͔ΒͷόάใࠂରԠ  $*؀ڥͷ੔උɺςετͷ࡞੒ɺ"404&0ରࡦ FUD FUD

  38. ։ൃऀͷ੹೚ൣғ w ηΩϡϦςΟൣғ w ϑΝΠϧΞΫηεݖݶɺ"1,ϑΝΠϧอޢɺύʔϛογϣϯɺ"DUJWJUZ  #SPBEDBTU 4FSWJDF $POUFOU1SPWJEFSɺΠϯςϯτɺ҉߸Խɺ42-JUFɺ -PH$BU

    8FC7JFX "DDPVOU.BOHFS IUUQT ϓϥΠόγʔ৘ใɺύεϫʔυ ೖྗը໘ ΞϓϦέʔγϣϯอޢ ূ໌ॻͷ؅ཧํ๏ ৽͍͠1FSNJTTJPO  $MJQCPBSE FUD FUD w ʹՃ͑ͯ ࣗ෼ͷମݧྫ  w ৽ن։ൃʢ໿̎ϲ݄ʣɺαʔϏεͷ,1*ʹԊ࣮ͬͨ૷ͷఏҊ શମͷઃܭ ίϯ ϙʔωϯτͷϥΠϑαΠΫϧΛߟྀͨ͠σʔλͷ΍ΓऔΓ ΧελϜ7JFXͷ࡞ ੒ σβΠφʔͱͷࣗࣾϒϥϯυͱ.BUFSJBM%FTJHOΨΠυʹԊͬͨσβΠϯͷ ݕ౼ɺ8FCଆ୲౰ऀͱͷ"1*࢓༷ݕ౼ ΧελϚʔαϙʔτ͔ΒͷόάใࠂରԠ  $*؀ڥͷ੔උɺςετͷ࡞੒ɺ"404&0ରࡦ FUD FUD ɾɾɾΩπ͘Ͷ

  39. ಙؙઌੜ΋ಉ͡Α͏ͳ͜ͱݴͬ ͯͨʢͱࢥ͏ʣ <Ҿ༻ηΩϡΞίʔσΟϯάํ๏࿦࠶ߏஙͷࢼΈ IUUQXXXTMJEFTIBSFOFUPDLFHIFNSFDPOTUSVDUJPOPGTFDVSFDPEJOHNFUIPEPMPHJFT

  40. ՝୊͸ w ࣮૷࣌͸޿ൣғͳηΩϡϦςΟΛΧόʔ͢Δ༨ྗ͕ ͳ͍ w ͦ΋ͦ΋ߟ͑ͭ͘͜ͱ͢Βͳ͍͔΋͠Εͳ͍

  41. ղܾํ๏͸ w ։ൃͷ࣮૷͚࣌ͩͰͳ͘ɺ֤ஈ֊ͰඞཁͳηΩϡϦ ςΟରࡦΛߟ͑Δ͜ͱ

  42. #VJME4FDVSJUZ*Oͷ঺հ w ࠷ۙηΩϡϦςΟۀքͰ੝Γ্͕ͬͯΔ w l#VJME4FDVSJUZ*OJTBDPMMBCPSBUJWFF⒎PSUUIBU QSPWJEFTQSBDUJDFT UPPMT HVJEFMJOFT SVMFT QSJODJQMFT

     BOEPUIFSSFTPVSDFTUIBUTPGUXBSFEFWFMPQFST  BSDIJUFDUT BOETFDVSJUZQSBDUJUJPOFSTDBOVTFUPCVJME TFDVSJUZJOUPTPGUXBSFJOFWFSZQIBTFPGJUT EFWFMPQNFOUz w CZ64$&35 ถࠃࠃ౔҆શอোলʢ%)4ʣ഑Լͷ৘ใηΩϡϦςΟରࡦ૊৫ <Ҿ༻>IUUQXXXTPGUJDPSKQTFNJ@PQQEG

  43. #VJME4FDVSJUZ*Oͷ঺հ w ࠷ۙηΩϡϦςΟۀքͰ੝Γ্͕ͬͯΔ w lιϑτ΢ΣΞ։ൃͷશ޻ఔʹηΩϡϦςΟΛ૊Έ ࠐΊΔΑ͏ͳϕετɾϓϥΫςΟεɺπʔϧɺΨΠ υϥΠϯ౳ͷϦιʔεΛ։ൃऀͳͲʹఏڙ͢Δڠಉ తͳऔΓ૊Έz <Ҿ༻>IUUQXXXTPGUJDPSKQTFNJ@PQQEG

  44. Ͳ͏͍͏͜ͱ͔ɺͱݴ͏ͱ <Ҿ༻גࣜձࣾηλɾΠϯλʔφγϣφϧ>IUUQXXXTFUBJOUFSOBUJPOBMDPKQWJFUOBN@P⒎TIPSFTFDVSJUZPQUJPOIUNM

  45. ࠓճ͸͜Μͳײ͡Ͱ۠੾Δ ઃܭϑΣʔζ ࣮૷ϑΣʔ ζ ӡ༻ϑΣʔζ <Ҿ༻גࣜձࣾηλɾΠϯλʔφγϣφϧ>IUUQXXXTFUBJOUFSOBUJPOBMDPKQWJFUOBN@P⒎TIPSFTFDVSJUZPQUJPOIUNM

  46. Ξ΢τϥΠϯ w എܠ w Ͳ͔͜ΒηΩϡΞ։ൃΛֶͿ͔ʁ w ݱঢ়ͷ՝୊ w ઃܭϑΣʔζɺ࣮૷ϑΣʔζɺӡ༻ϑΣʔζ w

    ·ͱΊ

  47. ઃܭϑΣʔζͷηΩϡΞ։ൃ w ࣮૷ͦͷ΋ͷͰ͸ͳ͍ w ։ൃܭը΁ηΩϡϦςΟͷཁ݅Λ૊ΈࠐΉ w αʔϏε্ͷϦεΫʹର͢ΔڴҖͱ੬ऑੑͷચग़͠ w ϦεΫͷݦࡏԽ֖વੑ΍Өڹʹجͮ͘΍Δ΍Β൑அ

  48. ͳͥઃܭஈ֊Ͱ΍Δͷ͔ʁ w ίεύ͕͍͍ w ઃܭ࣌ΑΓӡ༻։࢝ޙͷରࡦඅ͸dഒ w ͷ੬ऑੑ͸ઃܭஈ֊Ͱੜ·ΕΔʢιʔεະ֬ೝʜ <Ҿ༻/3*>IUUQpTOSJDPKQKB+1QVCMJDBUJPOLJOZV@JUGCBDLOVNCFS

  49. "OESPJEઃܭ࣌ͷϙΠϯτ w ίίΒ΁Μʹ͍ͭͯಛʹ஫ҙΛ෷͍͍ͨʢLFOHPTDBMతʹʣ w ख໭Γ޻਺ɾӨڹ͕େ͖͍΋ͷ w σʔλͷอ؅ํ๏ w ηογϣϯͷอ࣋ͷ͔ͨ͠ w

    1FSNJTTJPO w SE1BSUZ੡ͷ޿ࠂϞδϡʔϧ w 8FC7JFXͰԿॲͰ࢖ͬͯɺԿΛ͍͔ͨ͠ w ҉߸Խํࣜ w ࿈ܞΞϓϦͷ༗ແʢίϯϙʔωϯτؒͷ࿈ܞʣ

  50. $BTF.POFZ'PSXBSE w ɹɹɹɹɹͷ##൛։ൃΛΠϝʔδ w αʔϏε঺հۚ༥ػؔʹࢿ࢈৘ใΛεΫϨΠϐϯ άʹ͍ͬͯɺͦΕΛҰݩԽ͢ΔΞϓϦ

  51. σʔλͷอଘํ๏ w ΞϓϦͰѻ͏σʔλͷॏཁ౓Λߟ͑Δ w ۚ༥ػؔͷϩάΠϯϑΥʔϜؔ࿈ͷ৘ใॏཁ౓௿ w σʔλྔ͕େ͖͍ͷͰ42-JUF࢖ͬͯฏจͰอଘ w ύείʔυॏཁ౓த w

    ύείʔυ͸҉߸Խ͓͖͍ͯͨ͠ͷͰ'JMFʹॻ͖ग़͢ w "&4$#$QLDTQBEEJOH w ଞͷ৘ใॏཁ౓ߴ w ϩʔΧϧʹอଘ͠ͳ͍

  52. 1FSNJTTJPO w ωοτϫʔΫ௨৴ɺϢʔβʔΞΧ΢ϯτɺࢦ໲ೝূ ͙Β͍͔͠࢖Θͳ͍ <uses-permission android:name="android.permission.INTERNET" /> <uses-permission android:name="android.permission.USE_FINGERPRINT"

  53. 8FC7JFX w '"2ͱར༻ن໿Λදࣔͤ͞Δ͘Β͍ w $ISPNF$VTUPN5BCΛ࢖͏

  54. ࿈ܞΞϓϦͷ༗ແ w ࣗࣾͷΞϓϦͱ࿈ܞ͢ΔͨΊͷಠࣗ1FSNJTTJPOΛ ࡞Δ w ௕͍ͷͰʮ"OESPJEΞϓϦͷηΩϡΞઃܭɾηΩϡ ΞίʔσΟϯάΨΠυʯΛࢀর͞Εͨ͠ w ࣗࣾݶఆ"DUJWJUZΛ࡞Δɾར༻͢Δ w

    ಠࣗఆٛͷ4JHOBUVSF1FSNJTTJPOͰ ࣗࣾΞϓϦ࿈ܞ͢Δ

  55. "OUJ$BTF4LZQF w Ϣʔβʔͷݸਓ৘ใɾνϟοτཤྺ͕ྲྀग़ͨ͠ w ಠࣗੜ੒ͨ͠σΟϨΫτϦɾϑΝΠϧԼʹอଘ͠ ͨ"OESPJE04ʹΑΔอޢػೳ͕͖͔ͳ͔ͬͨ w %#ϑΝΠϧ΋ฏจͰอଘ͞Ε͍ͯͨ w #VJMEJO4FDVSJUZͷʮઃܭϑΣʔζʯʹ͓͍ͯʮσʔ

    λͷอ؅ํ๏ʯʹ͍ͭͯઃܭ͔Βߟ͑ͯΕ͹ɺ๷͛ ͨʢ͔΋ʣ

  56. Ξ΢τϥΠϯ w എܠ w Ͳ͔͜ΒηΩϡΞ։ൃΛֶͿ͔ʁ w ݱঢ়ͷ՝୊ w ઃܭϑΣʔζɺ࣮૷ϑΣʔζɺӡ༻ϑΣʔζ w

    ·ͱΊ

  57. ࣮૷ϑΣʔζͷηΩϡΞ։ൃ w ͋Δ͋ΔܥͷνΣοΫ͕ओ w IUUQT௨৴ʹ͓͚Δূ໌ॻݕূ࿙Ε w 8FC7JFXͷBEE+BWBTDSJQU*OUFSGBDF w -PH$BU w

    ͜͜͸։ൃऀͱͯ͠཈͓͍͑ͯͨํ͕͍͍ͱ͓΋͏ɹ

  58. جຊతʹ࣮૷ํ๏͸

  59. HHS ͹ग़͖ͯͯɺͦΕΛ࢖͑͹PL

  60. ຊʹهࡌ͞Ε͍ͯͳ͍΋ͷ w 63-$POOFDUJPOΫϥεʹ͓͚Δ)551ϔομΠϯ δΣΫγϣϯରࡦ w TFU3FRVFTU1SPQFSUZBEE3FRVFTU1SPQFSUZΛར ༻͍ͯ͠Δͱɺ)551ϔομΛ௨ͯ͡೚ҙͷίʔυ ΛͲ͔͜ΒͰ΋࣮ߦ͞ΕΔՄೳੑ͕͋Δ w ࠜຊରࡦ0L)UUQҎ্ʹ͢Δ

    w ϫʔΫΞϥ΢ϯυϔομͷೖྗ஋νΣοΫΛ͢Δ w ৄࡉIUUQTKWOKQWV+7/76

  61. ϔομͷೖྗ஋νΣοΫ <Ҿ༻4RVBSF>IUUQTHJUIVCDPNTRVBSFPLIUUQCMPCNBTUFSPLIUUQTSDNBJOKBWB private void checkNameAndValue(String name, String value) { if

    (name == null) throw new NullPointerException("name == null"); if (name.isEmpty()) throw new IllegalArgumentException("name is empty"); for (int i = 0, length = name.length(); i < length; i++) { char c = name.charAt(i); if (c <= '\u001f' || c >= '\u007f') { throw new IllegalArgumentException(String.format( "Unexpected char %#04x at %d in header name: %s", (int) c, i, name)); } } if (value == null) throw new NullPointerException("value == null"); for (int i = 0, length = value.length(); i < length; i++) { char c = value.charAt(i); if (c <= '\u001f' || c >= '\u007f') { throw new IllegalArgumentException(String.format( "Unexpected char %#04x at %d in %s value: %s", (int) c, i, name, value)); } } } w ରࡦࡁΈͷPLIUUQ͔Βίϐϖ

  62. Ξ΢τϥΠϯ w എܠ w Ͳ͔͜ΒηΩϡΞ։ൃΛֶͿ͔ʁ w ݱঢ়ͷ՝୊ w ઃܭϑΣʔζɺ࣮૷ϑΣʔζɺӡ༻ϑΣʔζ w

    ·ͱΊ

  63. ӡ༻ϑΣʔζͷηΩϡΞ։ൃ w ΞϓϦʹॺ໊͢Δূ໌ॻɾ,FZ4UPSF؅ཧͷ࿩

  64. ূ໌ॻɾ,FZ4UPSFͷϦεΫ w ΞϓϦ੍͕ޚԼ͔Β཭ΕΔϦεΫ w ฆࣦͨ͠৔߹ΞϓϦͷΞϓσ͕Ͱ͖ͳ͘ͳΔ w ౪೉͞Εͨ৔߹ΞϓϦͷ৐ͬऔΓ w $BTF4UVEZ w

    ݟͨ໨શ͘ಉ͡Ͱɺۚ༥ػؔϩάΠ ϯ࣌ͷ৘ใΛނҙͷ63-ʹྲྀ͢

  65. ͋Γ͕ͪ ͳӡ༻؀ڥ

  66. ϩʔΧϧ։ൃ؀ڥ "༻ GFUDIQVTI TJHOEFQMPZ %༻ $༻ #༻ "༻

  67. Կ͕໰୊ͳͷ͔

  68. ໰୊ w ։ൃ୺຤ຖʹಠཱͯ͠ΔͷͰLFZTUPSFͷ؅ཧ͕͠ ʹ͍͘ w ߈ܸ౳ʹΑΔLFZTUPSF͕࿙Ӯ͢Δνϟωϧ͕޿͍ w ߈ܸख๏΍߈ܸର৅ͳͲ͕޿͍ͱ͍͏ҙຯ w ࿙Ӯൃ֮࣌ͷ௥੻͕೉͍͠

  69. ΅͘ͷ͔Μ͕͍͖͑ͨ͞ΐ͏ͷ ӡ༻؀ڥ

  70. ϩʔΧϧ։ൃ؀ڥ "༻ 'FUDI1VTI #༻ $༻ 'FUDIPS)PPL #VJME%FQMPZ #BDLVQ

  71. ϩʔΧϧ։ൃ؀ڥ "༻ 'FUDI1VTI #༻ $༻ 'FUDIPS)PPL #VJME%FQMPZ #BDLVQ ϩʔΧϧʹ͸LFZTUPSFΛஔ͔ͳ͍

  72. ϩʔΧϧ։ൃ؀ڥ "༻ 'FUDI1VTI #༻ $༻ 'FUDIPS)PPL #VJME%FQMPZ #BDLVQ ϦϦʔεϏϧυ͸$*πʔϧͷδϣϒ͔ΒͷΈ LFZ4UPSFΛू໿

    ։ൃऀ͸جຊ8FC$IBU͔ΒδϣϒΛΩοΫ͢ΔͷΈ TTIͳͲͷϦϞʔτૢ࡞͸ݶఆ͞Εͨ໾৬ͷΈ

  73. ϩʔΧϧ։ൃ؀ڥ "༻ 'FUDI1VTI #༻ $༻ 'FUDIPS)PPL #VJME%FQMPZ #BDLVQ BQL͸खಈɾࣗಈͰEFQMPZπʔϧ΋͘͠͸4UPSFʹΞο ϓϩʔυͯ͠ɺ୺຤ʹ഑෍

  74. ϩʔΧϧ։ൃ؀ڥ "༻ 'FUDI1VTI #༻ $༻ 'FUDIPS)PPL #VJME%FQMPZ #BDLVQ $*πʔϧฆࣦͳͲͰ$*্ͷLFZ4UPSF͕ফ͑ͨ৔߹ʹSFTUPSFͰ͖ ΔΑ͏ʹɺLFZ4UPSFΛετϨʔδʹόοΫΞοϓɻ

    ͜Ε΋ݶఆ͞Εͨۀछɾ໾৬ͷΈ͕ΞΫηεՄೳ

  75. ϩʔΧϧ։ൃ؀ڥ "༻ 'FUDI1VTI #༻ $༻ 'FUDIPS)PPL #VJME%FQMPZ #BDLVQ $*؀ڥʹݶΒͣɺҕୗ΍डୗͷ৔߹΋LFZ4UPSFͷόοΫΞοϓ͸ ͬ͞͞ͱऔ͓ͬͯ͘ͷ͕҆ṛ

  76. Ξ΢τϥΠϯ w എܠͱΰʔϧ w Ͳ͔͜ΒηΩϡΞ։ൃΛֶͿ͔ʁ w ݱঢ়ͷ՝୊ w ઃܭϑΣʔζɺ࣮૷ϑΣʔζɺӡ༻ϑΣʔζ w

    ·ͱΊ

  77. ·ͱΊ w օ Ϣʔβʔɾ։ൃऀɾൃ஫ऀ Ͱ޾ͤʹͳΓ͍ͨ w ͦͷཁૉͱͯ͠ͷɾ඼࣭ͱͯ͠ͷηΩϡϦςΟ w ڭࡐ͸ἧ͍ͬͯΔ w

    ڭࡐ͕͓΋͗͢Δ৔߹͸ɺ։ൃஈ֊͝ͱʹඞཁͳη ΩϡϦςΟࢪࡦΛ෼ղ͢Δ

  78. օͰ҆શɾ҆৺ͳΤίγεςϜ Λఏڙ͍͖ͯ͠·͠ΐ͏ ݱࡏͷεϚϗϢʔβʔͷᶃ೔ͷར༻࣌ؒ͸1࣌ؒ49෼ɻ ΤίγεςϜࣗମ্͕෦Ͱ΋ɺΤίγεςϜͷ্ʹͷ͔ͬΔαʔϏε͕ةݥͳঢ়ଶͰ͸ɺ࣮ʹϢʔβʔ ͷ೔ৗੜ׆ͷ͏ͪ໾8%͕ةݥʹࡽ͞Ε͍ͯΔ͜ͱʹͳΔɻ ͜Ε͸͍Βͳ͍

  79. ͝ਗ਼ௌ ͋Γ͕ͱ͏͍͟͝·ͨ͠

  80. ͓·͚

  81. /ʹ͓͚ΔηΩϡϦςΟ w /FUXPSL4FDVSJUZ$POpHVSBUJPO w ,FZ"UUFTUBUJPO w 1FSNJTTJPO

  82. /FUXPSL4FDVSJUZ $POpHVSBUJPO w ίʔυͰهड़ͨ͠ূ໌ॻؔ࿈ͷಈ࡞ΛYNMͰॻ͚Δ w ৴པ͢Δ$"ͷϗϫΠτϦετԽ w ূ໌ॻϐχϯά w ฏจ௨৴ͷআ֎

  83. ,FZ"UUFTUBUJPO w )BSEXBSFCBDLFELFZTUPSFTͷϔϧύʔΈ͍ͨ ͳΠϝʔδ w )BSEXBSFCBDLFELFZTUPSFTͷݕূΛͯ͘͠Ε Δʁ

  84. 1FSNJTTJPO w (&5@"$$06/54 w %FQSFDBUFE w "$5*0/@01&/@&95&3/"-@%*3&$503: /&8 w "QQઐ༻ͷσΟϨΫτϦΛ࡞੒ɾݖݶ෇༩

  85. ଞ w 0L)UUQ͕)551ͷ3'$४ڌʹͳͬͨͬΆ͍ w ೔ຊޠΛϔομʹೖΕΒΕͳ͘ͳͬͨ