HTTP协议头——Content-MD5
来源:互联网 发布:耐玩的单机游戏 知乎 编辑:程序博客网 时间:2024/06/07 08:33
以下为RFC1864的英文主要部分原文:
1. Introduction
Despite all of the mechanisms provided by MIME [1] which attempt to
protect data from being damaged in the course of email transport, it
is still desirable to have a mechanism for verifying that the data,
once decoded, are intact. For this reason, this memo defines the use
of an optional header field, Content-MD5, which may be used as a
message integrity check (MIC), to verify that the decoded data are
the same data that were initially sent. The Content-MD5 header may
also be placed in the encapsulated headers of an object of type
message/external-body, to be used to verify that the retreived and
decoded data are the same data that were initially referenced.
MIC:信息完整性检查,来保证数据传输的完整性。Content-MD5头可能放在一个消息对象内或者外部体内。
MD5 is an algorithm for computing a 128 bit “digest” of arbitrary-
length data, with a high degree of confidence that any alterations in
the data will be reflected in alterations in the digest.
2. Generation of the Content-MD5 Field
The Content-MD5 field is generated by only an originating user agent.
Message relays and gateways are expressly forbidden from generating a
Content-MD5 field.
Use of the Content-MD5 field is completely optional, but its use is
recommended whenever data integrity is desired, but Privacy-Enhanced
The Content-MD5 field may only be added to MIME entities of
a `leaf’ nature, i.e., the Content-MD5 field may be used with any
content type other than multipart or message/rfc822.
To generate the value of the Content-MD5 field, the MD5 algorithm is
computed on the canonical form of the MIME entity’s object. In
particular, this means that the sender applies the MD5 algorithm on
the data immediately after conversion to canonical form, before
applying any content-transfer-encoding, and that the receiver also
applies the MD5 algorithm on the canonical form, after undoing any
content-transfer-encoding. For textual data, this means the MD5
algorithm must be computed on data in which the canonical form for
newlines applies, that is, in which each newline is represented by a
CR-LF pair.
文本数据必须要经过编码,否则编码前后的签名不一致。
The output of the MD5 algorithm is a 128 bit digest. When viewed in
network byte order (big-endian order), this yields a sequence of 16
octets of binary data. These 16 octets are then encoded according to
the base64 algorithm in order to oBTain the value that is placed in
the Content-MD5 field. Thus, if the application of the MD5 algorithm
over the raw data of a MIME entity results in a digest having the
(unlikely) value of “Check Integrity!”, then that MIME entity’s
header could contain the field
编码过后的128bits的摘要一共16Bytes,通过base64编码得到Content-MD5头部的值。
Content-MD5: Q2hlY2sgSW50ZWdyaXR5IQ==
Finally, textual data is regularly
altered in the normal delivery of mail. Because the addition or
deletion of trailing white space will result in a different digest,
either the quoted-printable or base64 algorithm should be employed as
a content-transfer-encoding when the Content-MD5 field is used.
文本数据需要使用content-encoding指定的编码进行转换,否则增加和减少空白字符后的摘要会不同。
3. Processing the Content-MD5 field
If the Content-MD5 field is present, a recipient user agent may
choose to use it to verify that the contents of a MIME entity have
not been modified during transport. Message relays and gateways are
expressly forbidden to alter their processing based on the presence
of the Content-MD5 field. However, a message gateway is allowed to
remove the Content-MD5 field if the corresponding MIME entity is
translated into a different content-type.
4. Security Considerations
This document specifies a data integrity service that protects data
from accidental modification while in transit from the sender to the
recipient.
对于基于HTTP协议进行部分传输的应用,为确保数据完整性,最好需要设置这个扩展头,从而再客户端或者服务端进行完整性验证。
- HTTP协议头——Content-MD5
- Http协议头 Range、Content-Range分析
- Http/1.1协议 Content-Range头 用于http断点续传
- http头content-length
- HTTP头Content-Type
- http头 content-type
- Http协议Content-Length
- Http头 Range、Content-Range
- Http头 Range、Content-Range
- Servlet——使用http响应头Content-Disposition下载文件的示例
- HTTP协议头详解
- HTTP协议头详解
- HTTP头协议
- HTTP协议头分析
- HTTP协议头分析
- HTTP协议头详解
- 关于http协议头
- http协议头
- 虚拟机ssh免密码登陆
- 一 地图的加载与显示 关于GMap的介绍与使用可以看我以前的文章:
- 第三方
- Eclipse 导入项目乱码问题
- JDOM升级版练习
- HTTP协议头——Content-MD5
- Java 多线程核心技术梳理
- 利用 jQuery UI 和 Ajax 创建可定制的 Web 界面
- Django个人网站中加入Markdown编辑功能
- Shader配合后期模拟模糊折射
- 爱谱华顿2014经典案例巡展——楼宇篇
- HDU 3584 树状数组
- C语言(++地址)和(++数值)的区别
- NN网上教学系统可方便自己定制了