使用私钥/公钥摘要认证
[英]digest authentication with secret / public key
问题描述
I'm working on providing some data to clients via API and have been examining various ways to authenticate requests. 
我正在努力通过API向客户端提供一些数据,并一直在研究各种方法来验证请求。 It looks like digest authentication will be the best route, since I can't be sure that the server will offer SSL, and there's no need for serious security. 似乎摘要式身份验证将是最佳途径,因为我不确定服务器是否将提供SSL,并且不需要严格的安全性。
I've worked (as a client) with plenty of APIs in the past including: 我过去(作为客户端)使用过许多API,包括:
- Amazon AWS that use a key pair (public key, secret key) 使用密钥对(公共密钥,私有密钥)的Amazon AWS
- Facebook that use app ID and key, (application ID, secret key) 使用应用程序ID和密钥(应用程序ID,密钥)的Facebook
Is there a general method to how these systems work? 这些系统的工作方式是否通用? Is there a name for this technique, or is this some variant on digest authentication? 此技术有名称吗,还是摘要身份验证的某些变体?
Thanks 谢谢
1 个解决方案
解决方案1
1 已采纳 2012-04-25 17:25:34
据我所知,您正在寻找数字签名 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.