The interviewer asked me HTTP, I really am

Interviewer : we talk about HTTP today?

Candidate : Well, HTTP "protocol" is a communication format for "interaction" between client and server

Candidate : The so-called "agreement" is actually a "format" agreed upon by both parties, so that both parties can understand.

Candidate : The so-called interaction is actually "request" and "response"

Interviewer : Do you know the difference between the various versions of HTTP?

candidate : HTTP1.0 defaults to a short connection, each time you interact with the server, you need to open a new connection

candidate HTTP1.1 version is the "default persistent connection". As long as the client server does not disconnect the TCP connection, the connection is maintained, and multiple HTTP requests can be sent.

candidate : Next is "Chunked transfer-coding". Use HTTP message header to use block transfer coding to transfer the entity body in blocks

Candidate : HTTP/2 no longer transmits in text mode, adopts "binary framing layer", "compresses" the header, supports "flow control", the most important thing is that HTTP/2 supports "multi-channel "Multiplexing" (initiate multiple request and response messages "in parallel" through a single TCP connection)

Interviewer : Well, interrupt a bit. I know that the HTTP1.1 version has a pipelining theory, but it is turned off by default. Pipeline is very similar to HTTP/2 "multiplexing". What is the difference between them?

candidate : The "pipeline" proposed by HTTP1.1 can only be "serial" (a response must be fully returned before the next request will start transmission)

candidate : HTTP/2 multiplexing uses the "framing" data stream to decompose the HTTP protocol into "mutually independent" frames (sent for each frame "standard sequence", and press Order reorganization), and then can be sent out of order to avoid the problem of “to a certain extent” the head of the line blocking

candidate : However, whether it is HTTP1.1 or HTTP/2, the "processing order" of the response always needs to be consistent with the order of the request. If the response of a request is slow, there will still be blocking problems.

candidate : This is limited by the underlying HTTP transport protocol being TCP, and there is no way to completely solve the problem of "head-of-line blocking"

Interviewer : Oh, good.

candidate : The biggest difference between HTTP/3 and the previous version is that HTTP1.x and HTTP/2 are both TCP at the bottom, while HTTP/3 is UDP at the bottom. Using HTTP/3 can reduce RTT "round trip delay" (TCP three-way handshake, TLS handshake)

Interviewer : Do you understand the HTTPS process?

Candidate : Well, in my understanding, HTTPS is the "secure" HTTP protocol (encrypted in the transmission link between the client and the server)

Candidate : The first thing HTTPS must solve is the authentication problem

Candidate : The client needs to know exactly whether the server is "real", so there will be a role in HTTPS: CA (Credit Agency)

candidate : Before using HTTPS, the server needs to apply for a "digital certificate" from a certified CA. The digital certificate contains information such as the certificate holder, the validity period of the certificate, and the "server public key"

Candidate : The CA organization also has its own public and private key. Before issuing a digital certificate, it will use its own "private key" to encrypt the digital certificate

candidate : When the client requests the server, the server returns the certificate to the client. The client uses the CA's public key to decrypt the certificate (because the CA is a public trust agency and will be built into the browser or operating system, the client will have the public key). At this time, the client will judge this "whether the certificate is trusted/has been tampered with"

candidate : private key encryption, public key decryption we call "digital signature" (this way you can check whether it has been tampered with)

candidate : At this point, the "authentication" problem is solved, at least the client can guarantee that it is communicating with the "real server".

candidate : After solving the "authentication" problem, the "confidentiality" problem must be solved. The communication content between the client and the server will not be leaked to third parties during transmission

candidate : After the client gets the digital certificate from the CA, it can get the public key of the server

Candidate 161a96c1bb1200: The client generates a Key as the secret key for "symmetric encryption"

Candidate : The server uses its own "private key to decrypt" the client's data to obtain the symmetric encryption key

candidate : Then the client and server can use the "symmetric encryption key" to send and receive messages happily

Interviewer : I got it

Follow my WeChat public [161a96c1bb127b Java3y ] to talk about the difference!

[Online interviewer + writing Java projects from scratch] continuously updated with high intensity! Ask star

originality is not easy! ! Seeking three links! !