Professional Documents
Culture Documents
Referer An http request header in which the client indicates the source of a
request; often this header contains the uniform resource identifier of the
Web page that contains the link the user followed.
Reliability The property of a system that measures the degree to which the
system operates properly.
Repeat Client Security A security service introduced in http version 1.1 that
allows the client and server to renegotiate keys. Key renegotiation pro-
vides additional security for clients that frequent the same server.
Replay Protection A security service that prevents adversaries from recording
valid messages and later replaying those messages and successfully mas-
querading as an authorized client.
Replication A database technology that maintains multiple synchronized cop-
ies of databases on different physical systems.
Request The message that initiates a client/server interaction. Clients send
requests to servers, and servers reply with responses.
Request for Comments (RFC) A specification or other document produced by
the Internet Engineering Task Force; the http version 1. 1 specification is
rfc number 2616.
Request-Line The first line of a client’s http message, consisting of an http
method, a uniform resource identifier (the Request-uri), and an http
version.
Request-URI The part of an http Request-Line that specified the uniform
resource identifier for the request.
Response The server’s answer to a client’s request. Also, a parameter of the
http Authorization header that carries the result of a client’s message
digest calculation.
Retry-After An http response header that gives the client a time after which
it should retry its request.
Return The ascii character represented by the binary value 0001101 and used
in Macintosh systems to indicate the end of a line of text; http uses the
combination of a linefeed character and a return character to mark the
end of its lines.
Glossary 299
Reverse Proxy Cache A proxy cache server deployed by or operated for Web
servers rather than Web clients.
rspauth A parameter of the Authentication-Info header that carries the result
of a server’s message digest calculation.
RST A tcp flag that indicates a connection should be reset.
Scaleability The quality of a system or design that permits it to easily and
gracefully accommodate significant increases in load.
Secure An attribute of an http cookie that tells the client to return the cookie
only on subsequent requests that are secure from eavesdropping.
Secure Hash A cryptographic algorithm that calculates a small binary value for
a large object; it has the property that if the original object changes at all,
the secure hash calculation result will change as well. Such algorithms are
also known as message digest algorithms.
Secure HTTP (SHTTP) A communications protocol based on http, as well as
several enhancements to http itself, that provides for secure
communications. shttp is classified as an experimental protocol and is
rarely used today.
Secure Sockets Layer (SSL) A communications protocol developed initially by
Netscape Communications that provides a secure communications chan-
nel for various applications. ssl is commonly used to secure Web com-
munications today. The Transport Layer Security protocol is a newer
version of ssl.
Security Protecting communications against various adversaries, including
those that masquerade, eavesdrop, or alter the message contents.
Segment A single tcp message.
Server The passive party in a client/server communications exchange. Clients
initiate the communication, and servers respond to clients’ requests. Also,
an http response header that allows a server to indicate its vendor, ver-
sion number, etc.
Server error An http response code in the range 500-599 that indicates an
error in the server.
300 HTTP Essentials
Server Hello An ssl message in which the server selects security parameters
for the session.
Server Hello Done An ssl message that servers send to indicate that they have
concluded their part of the initial ssl negotiation.
Session ID An arbitrary value that parties use to identify an ssl session. Both
parties can resume an earlier session by referencing its session id during
initial negotiations.
Set-Cookie2 An http response header that servers use to send cookies to
clients.
SHTTP-Certificate-Types An http header used by Secure http to identify
the format of public key certificates.
SHTTP-Cryptopts An http header used by Secure http to carry general
cryptographic options.
SHTTP-Key-Exchange-Algorithms An http header used by Secure http to
identify cryptographic algorithms used to exchange keys.
SHTTP-Message-Digest-Algorithms An http header used by Secure http
to identity cryptographic algorithms used to calculate the digest of a
message.
SHTTP-Privacy-Domain An http header used by Secure http to identify the
format of cryptographic information.
SHTTP-Privacy-Enhancements An http header used by Secure http to list
privacy enhancements desired or used for a message.
SHTTP-Signature-Algorithms An http header used by Secure http to
identify cryptographic algorithms used to digitally sign messages.
SHTTP-Symmetric-Content-Algorithms An http header used by Secure
http to identify cryptographic algorithms used to encrypt message
contents.
SHTTP-Symmetric-Header-Algorithms An http header used by Secure
http to identify cryptographic algorithms used to encrypt message
headers.
Glossary 301
Upgrade An http general header that asks the other party to upgrade the
communications to a different protocol.
User-Agent An http general header that identifies the client’s vendor, version
number, etc.
username A parameter of an http Authorization header that contains the
username for the request. Also, the component of a uniform resource
identifier that contains a username.
Vary An http response header that lists http headers other than the Request-
uri that determined the server’s response. Cache servers can use this in-
formation to determine if it is appropriate to return the same object on
subsequent requests.
Version An attribute of http cookies that identifies the version of http state
management that the parties are using; the current version is 1.
Virtual Host A single physical Web server acting as several different Web sites.
Internet service providers that offer Web hosting often share their sys-
tems among multiple customers in this manner.
Warning An http general header that carries additional information about a
message, usually intended to warn of potential cache problems.
Weak A property of an entity tag that implies objects with the same entity tag
value are equivalent, but not necessarily identical.
Web Short for the World Wide Web, the collection of http servers and appli-
cations accessible on the Internet.
Web Cache Communication Protocol (WCCP) A communications protocol
developed by Cisco Systems that allows cache servers to coordinate their
operation with access routers.
Web Proxy Auto Discovery (WPAD) A set of rules that clients may use to
automatically locate a proxy auto configuration script.
will-report-and-limit An http meter directive by which a proxy server indi-
cates it can support metering.
wont-ask An http meter directive by which an origin server indicates that it
will not ask for metering of an object.
Glossary 305
A Asterisk
entity tag value and, 90
Acceleration techniques, 225–228
If-Match header and, 87–88
Accept-Charset header, 58–59
as the value for the Vary header, 111
Accept-Encoding header, 59, 106
as a wildcard, 57
Accept header, 57–58
Authentication, 161. See also Web authentication
Accept-Language header, 59–60, 75
Network Element Control Protocol, 212
Accept-Ranges header, 60–61, 78
Authentication credentials, 204
Access routers, 201, 202–203
Authentication-Info header, 65, 140, 148
ack (acknowledge) flags, 15
Authentication-Info parameters, 141, 146
Advanced caching, 186–225
auth-int, 143, 154, 155
caching implementations in, 186–194
Authorization header, 65, 125, 132, 144, 145, 147, 153
Adversaries, message interception by, 153
Authorization parameters, 139–140
Age header, 61–64
auth value, 143, 154
algorithm parameter, 137, 139, 150, 154
Availability, Web site, 241–242. See also High
Allow header, 65, 125
availability
American Registry for Internet Numbers (arin), 248
Application layer protocols, 8
B
Application messages, 162–163
Application protocol, 5, 6 Backup server, switching to, 246
Application servers, 257–260 Banner ads, 40–41
Architectures, mirrored, 250–251 Base64 encoding, 76, 132
Asia-Pacific Network Information Center, 248 Basic Authentication, 130–133
problems with, 133
307
308 HTTP Essentials
Cache Array Routing Protocol (carp), 222–225. See Certificate requests, 165
Cache-Control directives, 66
Chunked transfer encoding, 74, 107, 108, 109
Cache problems, 113–114 Client digest calculation, for integrity protection, 154–
155
Caches
content modification for, 217 Client error status codes, 124–127
Cache servers, 26, 33–35, 201, 202–203. See also Proxy authentication of, 102, 114–115
servers: Servers cookie acceptance by, 43–44
communication among, 212–216 cryptographic authentication of, 163, 165–168
communication with network elements, 204, 205 redirecting to a new uri, 93–94
Echo messages, 213, 214 401 Unauthorized status code, 124, 130
402 Payment Required status code, 124
Electronic commerce, 163
403 Forbidden status code, 125
Elliptic curve cryptography, 169
en code, 60 404 Not Found status code, 125
405 Method Not Allowed status, 65
End user authentication, 265
405 Method Not Allowed status code, 125
Entity headers, 48, 51, 52
Entity tags, 81, 86 406 Not Acceptable status code, 125
407 Proxy Authentication Required status, 102
versus dates, 92
407 Proxy Authentication Required status
ETag header, 81–82, 136
ETag values, 82, 86, 90 code, 125–126
408 Request Timeout status code, 126
Expect: 100-continue header, 117, 118
409 Conflict status code, 126
Expect header, 83–84, 127
Expires header, 66, 84, 102, 107 410 Gone status code, 126
411 Length Required status code, 126
Exterior firewalls, 254–255. See also Firewalls
412 Precondition Failed status, 87, 91, 93
General headers, 48, 51, 52 http authorization, 131. See also Hypertext Transfer
GET request, 40, 41, 88, 101, 104, 119, 120, 122, 123, 136,
proxy servers and, 32
170, 213
securing, 162