background preloader

HATEOAS

HATEOAS
The HATEOAS constraint decouples client and server in a way that allows the server functionality to evolve independently. Details[edit] A REST client enters a REST application through a simple fixed URL. For example [2] here is a GET request to fetch an Account resource, requesting details in an XML representation: GET /account/12345 HTTP/1.1 Host: somebank.org Accept: application/xml ... Here is the response: HTTP/1.1 200 OK Content-Type: application/xml Content-Length: ... <? Note the response contains 4 possible follow-up links - to make a deposit, a withdrawal, a transfer or to close the account. Some time later the account information is retrieved again, but now the account is overdrawn: HTTP/1.1 200 OK Content-Type: application/xml Content-Length: ... <? Now only one link is available: to deposit more money. A client does not need to understand every media type and communication mechanism offered by the server. Origins[edit] Implementations[edit] See also[edit] Hypertext Application Language

QUIC QUIC (Quick UDP Internet Connections, pronounced quick) is an experimental transport layer[1] network protocol developed by Google and implemented in 2013.[2][3][4] QUIC supports a set of multiplexed connections between two endpoints over User Datagram Protocol (UDP), and was designed to provide security protection equivalent to TLS/SSL, along with reduced connection and transport latency, and bandwidth estimation in each direction to avoid congestion. QUIC's main goal is to optimize connection-oriented web applications currently using TCP.[1] Details[edit] As improving TCP is a long-term goal for Google, QUIC aims to be nearly equivalent to an independent TCP connection, but with much reduced latency (goal: 0-RTT connectivity overhead) and better SPDY support; if QUIC features prove effective, they could migrate into a later version of TCP and TLS. QUIC also allows higher level application protocols (such as SPDY) to reduce or compress redundant data transmissions (such as headers).

Le protocole HTTPS, ce n'est pas que du bonheur sur le Web Des chercheurs de l’Université Carnegie Mellon (États-Unis), de l’École polytechnique de Turin (Italie) et de Telefonica Research (Espagne) ont étudié les conséquences induites par le protocole de transfert hypertexte sécurisé HTTPS (HyperText Transfer Protocol Secure). Leur analyse (« The Cost of the “S” in HTTPS ») a été présentée la semaine dernière à Sydney, Australie, lors de l’événement CoNEXT. HTTPS combine le protocole HTTP (HyperText Transfer Protocol) avec une couche de chiffrement des échanges, comme TLS (Transport Layer Security) ou SSL (Secure Sockets Layer), et implique l’obtention d’un certificat d’authentification par une autorité tierce. La généralisation du protocole est désormais engagée. Aujourd’hui HTTPS représente 50% de l’ensemble des connexions HTTP. Cela signifie que « le coût de déploiement se justifie et peut être géré par de nombreux services », selon les auteurs de l’étude. Quizz ITespresso.fr : Connaissez-vous les principes du SMO ?

Quelles sociétés chiffrent les données de leurs utilisateurs ? « Korben Korben Quelles sociétés chiffrent les données de leurs utilisateurs ? L'EFF qui défend les droits des internautes aux États-Unis a interrogé des géants du web pour leur demander quelles sécurités étaient mises en place sur leurs services pour protéger les données personnelles de leurs utilisateurs. Depuis les preuves apportées par Snowden sur la surveillance massive, le chiffrement est au coeur de toutes les discussions. À la fois entre les internautes et la société, mais aussi en interne avec des liaisons chiffrées entre les data centers, sans oublier la transmission sécurisée des cookies. Vous avez aimé cet article ?

UPDATE: Encrypt the Web Report: Who's Doing What We’ve asked the companies in our Who Has Your Back Program what they are doing to bolster encryption in light of the NSA’s unlawful surveillance of your communications. We’re pleased to see that four five six seven eight companies—Dropbox, Facebook, Google, Microsoft, Sonic.net, SpiderOak, Twitter, and Yahoo—are implementing five out of five of our best practices for encryption. See the infographic. By adopting these practices, described below, these service providers have taken a critical step towards protecting their users from warrantless seizure of their information off of fiber-optic cables. While not every company in our survey has implemented every recommendation, each step taken helps, and we appreciate those who have worked to strengthen their security. Crypto Survey Results UPDATE, November 20, 2013: Facebook and Tumblr have provided further information to supplement the Encrypt the Web Report. This graphic is also available as an image file. Why Crypto Is So Important

Related: