enable MAC check on underlayer transport for node-httpp
- 2013-11-06 @ 00:17
HTTPS run HTTP over TLS/SSL over TCP. If midle-man-attack forge tcp-rst
packet and send to both peers, the tcp connection will broken.
But, HTTPPS run HTTP over TLS over UDT, wich's user-space transport
based-on UDP. So, I leverage TLS to handshake public key exchange, then got
TLS session key and use TLS/session key to authenticate UDT control packet,
that can avoid midle-man-attack. There is no inneed authenticate UDT data
packet, which's protected by TLS.