与 Client Side Push Provisioning API 的通信涉及传输层和应用层的安全性。传输层使用 TLS 保护 HTTP 请求 (HTTPS),应用层使用 PGP 或 JWE 加密。
此外,我们的协议标准详细介绍了我们的 API 设计模式以及维护与合作伙伴之间稳定连接的策略。
密钥交换
加密密钥需要进行轮替,以防过期或被破解。在实现过程中,您需要有一个管理此类密钥交换的流程。
为了确保密钥轮替不会造成暂时性的服务中断或需要大量的管理开销,Client Side Push Provisioning 合作伙伴必须支持同时使用多个加密密钥。在密钥轮替期间,第二个密钥将获得信任并经过验证,在旧密钥被移除之前正常运行。
保留所有权利。Java 是 Oracle 和/或其关联公司的注册商标。
最后更新时间 (UTC):2024-10-16。
[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["没有我需要的信息","missingTheInformationINeed","thumb-down"],["太复杂/步骤太多","tooComplicatedTooManySteps","thumb-down"],["内容需要更新","outOfDate","thumb-down"],["翻译问题","translationIssue","thumb-down"],["示例/代码问题","samplesCodeIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2024-10-16。"],[[["This section outlines the establishment of connectivity with the Client Side Push Provisioning API, detailing its security model and API design patterns."],["Communication security involves Transport Layer Security (TLS) for HTTP requests and application layer security using either PGP or JWE encryption."],["Protocol standards and design patterns are documented to ensure robust connections with partners."],["Key exchanges and rotations are crucial, requiring support for multiple keys to avoid outages, with a warning that lacking this support is a launch-blocking bug."]]],["The Client Side Push Provisioning API uses TLS for transport layer security (HTTPS) and either PGP or JWE encryption for application layer security. Partners must adhere to API design patterns and protocol standards for robust connectivity. Encryption key rotation is mandatory; partners must support multiple encryption keys simultaneously to avoid outages. Failure to support multiple keys will be a launch-blocking issue. Key exchanges should be done before the key expires or it is compromised.\n"]]