“One thing the servers and clients in Parts 1, 2, and 3 had in
common is that they operated completely in the clear,
cryptographically speaking. Sometimes, however, you want to keep
your connection free from prying eyes (or from
tampering/spoofing).

“While protocols for determining permissions on server resources
are interesting, for this installment I want to look at protocols
involving actual wire-level encryption. But for general background,
you might want to investigate Web-oriented mechanisms such as Basic
Authentication, which is described in RFC-2617 and implemented in
Apache and other Web servers. The Twisted package twisted.cred is a
general but complex framework for providing authentication services
in general-purpose Twisted servers (not limited to Web
servers).

“There are two widespread APIs for wire-level encryption over
the Internet: SSL and SSH. The former, SSL (Secure Sockets Layer)
is widely implemented in Web browsers and Web servers; in
principle, however, there is no reason SSL is specifically tied to
the HTTP protocol. SSL combines a public-key infrastructure,
complete with a ‘web-of-trust’ based on Certificate Authorities,
with creation of a session key for standard symmetrical encryption
during the life of a particular connection…”
developerWorks: Network Programming with the Twisted framework, Part 4