TCP/IP Animation, Website, SSL
Website, SSL

This scene shows how we can view a website with a PC.

'Website data' is the mass of data on a web server PC which is published. We can get the server data by accessing it through the ISP (Internet Service Provider) we contract with.

Before the PC accesses the server PC, it must get its own global IP address and the target global IP address. To get them, it is necessary to use DHCP, NAT and DNS. A detailed explanation of them is in the 'LAN, DHCP, NAT' scene or the 'DNS' scene.

After getting both IP addresses, the PC can access the server. The communication between them follows TCP or UDP. Of these, TCP is used more than UDP. The brief procedure of TCP is as follows. First, the connection between sender and receiver is established. Then web data is sent, and the receiver replies every time. When the communication ends, the connection is closed.

Nowadays SSL is prevalent in TCP communication for security. In this case, the target URI is written as 'https://www' instead of 'http://www'.

* The code bit 'ACK' in the TCP header is always sent after the first communication, so most 'ACK' bits don't have much meaning. In those cases, the explanation and logging of 'ACK' is omitted in this app.
HTTP: viewing website with browser

1. PC : Accesses the website 'http://www.ogumo.co.jp'.
2. PC : (SYN) Requests TCP connection.
3. Server : (ACK) Connection OK. (SYN) I request TCP connection, too.
4. PC : (ACK) Connection OK.
5. PC : (PSH) Please send website data.
6. Server : (ACK) OK. (PSH) Sends the website data.
7. PC : (ACK) Received.
8. Server : (PSH) Sends the data.
9. PC : (ACK) Received.
10. Server : (PSH) This is the last data. All data has been sent.
11. PC : (ACK) OK.
12. PC : (FIN) Finishes the connection.
13. Server : (ACK) OK.
14. Server : (FIN) Finishes the connection, too.
15. PC : (ACK) OK.
16. PC : The connection has finished.

HTTPS: viewing SSL website with browser

1. PC : Accesses the website 'https://www.ogumo.co.jp' with SSL.
2. PC : (SYN) Requests TCP connection.
3. Server : (ACK) Connection OK. (SYN) I request TCP connection, too.
4. PC : (ACK) Connection OK.
5. PC : Tells the server that the PC accesses with SSL, and tells it the available encryption algorithms, too.
6. Server : Encrypts the Digital Certificate of the server with its Secret-key.
7. Server : Sends the Public-key and Digital Certificate of the server, and informs the PC of the algorithm to use.
8. PC : Restores the Digital Certificate with the Common-Key of the CA in the web browser.
9. PC : Confirmed that the Public-key is sent from the HTTPS site.
10. PC : Creates the random number data to make new Common-Keys at both PC and server.
11. PC : Encrypts the random number data with the Public-key.
12. PC : Sends the encrypted number data.
13. Server : Received the encrypted number data.
14. Server : Restores the number data with the server's Secret-key.
15. Both : Both Server and PC make two kinds of Common-Keys from the data.
16. Both : Common-Keys were created. PC's 2 keys and Server's 2 keys are the same.
17. PC : After this, data packets are encrypted with the Client Common-Key before sending.
18. PC : (PSH) Please send website data.
19. Server : The encrypted request is restored with the Client Common-Key.
20. Server : After this, web data is encrypted with the Server Common-Key before sending.
21. Server : (ACK)+(PSH) Sends the data.
22. PC : The encrypted data is restored with the Server Common-Key.
23. PC : (ACK) Received.
24. Server : (PSH) Sends the data.
25. PC : (ACK) Received.
26. Server : (PSH) This is the last data. All data has been sent.
27. PC : (ACK) OK.
28. Server : Received ACK.
29. PC : (FIN) Finishes the connection without SSL.
30. Server : (ACK) OK.
31. Server : (FIN) Finishes the connection, too.
32. PC : (ACK) OK.
33. PC : The connection has finished.
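
Steps 10 to 16 of the HTTPS sequence, as an added example that is not part of the original page or app: both sides expand the same random number data into one key per direction. It follows the TLS 1.2 key derivation (the RFC 5246 PRF with SHA-256), which the page does not name, and goes beyond the page in mixing a client random and a server random into the keys. The sample values and the key sizes (an AES-128-CBC with HMAC-SHA256 suite) are assumptions constructed for illustration.

```python
import hashlib
import hmac

def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash expansion from RFC 5246 section 5, with HMAC-SHA256."""
    out, a = b"", seed                                        # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()      # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF: P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)

def derive_keys(pre_master: bytes, client_random: bytes, server_random: bytes) -> dict:
    """Turn the random number data of step 10 into the per-direction keys of step 15."""
    master = prf(pre_master, b"master secret", client_random + server_random, 48)
    # Key expansion seeds with server_random first (swapped relative to the line above).
    # Assumed suite sizes: 32-byte HMAC-SHA256 keys, 16-byte AES-128 keys.
    block = prf(master, b"key expansion", server_random + client_random, 96)
    return {
        "client_mac_key": block[0:32],
        "server_mac_key": block[32:64],
        "client_write_key": block[64:80],    # the page's Client Common-Key
        "server_write_key": block[80:96],    # the page's Server Common-Key
    }

# Constructed sample values, not captured from a real handshake.
PRE_MASTER = b"\x03\x03" + bytes(range(46))   # 48 bytes, chosen by the PC (step 10)
CLIENT_RANDOM = bytes([0xC1]) * 32            # sent in the clear by the PC
SERVER_RANDOM = bytes([0x5E]) * 32            # sent in the clear by the server

if __name__ == "__main__":
    pc = derive_keys(PRE_MASTER, CLIENT_RANDOM, SERVER_RANDOM)      # PC side
    server = derive_keys(PRE_MASTER, CLIENT_RANDOM, SERVER_RANDOM)  # server side, after step 14
    print("both sides agree:", pc == server)
    print("directions differ:", pc["client_write_key"] != pc["server_write_key"])
    # The same random number data with a fresh server random yields unrelated keys.
    other = derive_keys(PRE_MASTER, CLIENT_RANDOM, bytes(32))
    print("fresh random changes keys:", other["client_write_key"] != pc["client_write_key"])
```

Only the random number data travels encrypted (step 12); the two randoms are public, so the secrecy of every derived key rests on the server's Secret-key staying private.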