{"id":584,"date":"2017-01-16T10:21:25","date_gmt":"2017-01-16T01:21:25","guid":{"rendered":"https:\/\/column.prime-strategy.co.jp\/?p=584"},"modified":"2017-01-16T10:21:25","modified_gmt":"2017-01-16T01:21:25","slug":"ssl%e8%a8%bc%e6%98%8e%e6%9b%b8%e3%81%ae%e9%80%8f%e6%98%8e%e6%80%a7%e3%81%a3%e3%81%a6%e3%81%aa%e3%82%93%e3%81%a7%e3%81%99%e3%81%8b%ef%bc%9f","status":"publish","type":"post","link":"https:\/\/kusanagi.tokyo\/column\/archives\/column_584","title":{"rendered":"SSL\u8a3c\u660e\u66f8\u306e\u900f\u660e\u6027\u3063\u3066\u306a\u3093\u3067\u3059\u304b\uff1f"},"content":{"rendered":"

<\/span>\u306f\u3058\u3081\u306b<\/span><\/h2>\n

KUSANAGI-8.0.1 \u3067\u306fSSL\u8a3c\u660e\u66f8\u306e\u900f\u660e\u6027( CT(Certificate Transparency) \u3068\u547c\u3073\u307e\u3059) \u306b\u5bfe\u5fdc\u3057\u3066\u3044\u307e\u3059\u3002
\n\u4eca\u56de\u3001\u3053\u308c\u306b\u3064\u3044\u3066\u5c11\u3057\u89e3\u8aac\u3057\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n

<\/span>CT\u306e\u80cc\u666f<\/span><\/h2>\n

\u30d1\u30d6\u30ea\u30c3\u30af\u306aSSL\u8a3c\u660e\u66f8\u306f\u3001\u8a8d\u8a3c\u5c40(CA:Certification Authority)\u306b\u3088\u3063\u3066\u767a\u884c\u3055\u308c\u3001\u305d\u306e\u5185\u5bb9\u304c\u4fdd\u8a3c\u3055\u308c\u307e\u3059\u3002
\n\u3057\u304b\u3057\u3001\u8fd1\u5e74\u8a8d\u8a3c\u5c40\u304c\u4e0d\u6b63\u30a2\u30af\u30bb\u30b9\u3092\u53d7\u3051\u3066\u507d\u306eSSL\u8a3c\u660e\u66f8\u3092\u767a\u884c\u3057\u305f\u308a\u3001\u8aa4\u3063\u3066\u4e0d\u6b63\u306a\u8a3c\u660e\u66f8\u3092SSL\u767a\u884c\u3057\u305f\u308a\u3068\u3044\u3046\u4e8b\u4ef6\u304c\u3042\u308a\u307e\u3057\u305f\u3002
\n\u305d\u3053\u3067Google\u793e\u304c\u8003\u6848\u3057\u305f\u306e\u304c\u3001\u4e0d\u6b63\u306aSSL\u8a3c\u660e\u66f8\u3092\u65e9\u671f\u306b\u767a\u898b\u30fb\u691c\u77e5\u3059\u308b\u305f\u3081\u306e\u4ed5\u7d44\u307f\u3067\u3042\u308bCT\u3092(Certificate Transparency)\u3067\u3059\u3002\u3053\u308c\u306f\u3001\u73fe\u5728RFC6922\u3068\u3057\u3066\u898f\u683c\u5316\u3055\u308c\u3001Google Chrome \u306a\u3069\u304c\u5bfe\u5fdc\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n

<\/span>CT\u306e\u4ed5\u7d44\u307f<\/span><\/h2>\n

CT\u306f\u3001SSL\u8a3c\u660e\u66f8\u3092\u30ed\u30b0\u30b5\u30fc\u30d0\u306b\u767b\u9332\u3057\u3066\u53d6\u5f97\u3059\u308bSCT(Signed Certificate Timestamp) \u3068SSL\u8a3c\u660e\u66f8\u3092Web\u30b5\u30fc\u30d0\u3067\u63d0\u4f9b\u3057\u307e\u3059\u3002
\nWeb\u30d6\u30e9\u30a6\u30b6\u306fWeb\u30b5\u30fc\u30d0\u304b\u3089\u53d6\u5f97\u3057\u305fSCT\u304c\u3001\u30ed\u30b0\u30b5\u30fc\u30d0\u306b\u767b\u9332\u3055\u308c\u3066\u3044\u308b\u304b\u3069\u3046\u304b\u3092\u78ba\u8a8d\u3059\u308b\u3053\u3068\u3067\u3001SSL\u8a3c\u660e\u66f8\u304c\u6b63\u5f53\u306a\u3082\u306e\u3067\u3042\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/p>\n

CT\u3092\u5b9f\u73fe\u3059\u308b\u305f\u3081\u306b\u306f\u3001\u5e7e\u3064\u304b\u306e\u65b9\u6cd5\u304c\u3042\u308a\u307e\u3059\u3002
\n\u4e00\u3064\u306f\u8a8d\u8a3c\u5c40\u304cSCT\u4ed8\u304dSSL\u8a3c\u660e\u66f8\u3092\u63d0\u4f9b\u3059\u308b\u3082\u306e\u3067\u3059\u3002
\n\u8a8d\u8a3c\u5c40\u306fSSL\u8a3c\u660e\u66f8\u3092\u30ed\u30b0\u30b5\u30fc\u30d0\u306b\u767b\u9332\u3057\u3001\u30ed\u30b0\u30b5\u30fc\u30d0\u304b\u3089SCT(Signed Certificate Timestamp)\u3092\u53d6\u5f97\u3057\u3001SCT\u4ed8\u304d\u306eSSL\u8a3c\u660e\u66f8\u3092\u63d0\u4f9b\u3057\u307e\u3059\u3002Web\u30b5\u30fc\u30d0\u3067\u306f\u3001\u3053\u306eSCT\u4ed8\u304d\u306eSSL\u8a3c\u660e\u66f8\u3092\u4f7f\u7528\u3057\u307e\u3059\u3002
\n\u3082\u3046\u4e00\u3064\u306f\u3001\u8a8d\u8a3c\u5c40\u304cSSL\u8a3c\u660e\u66f8\u3068SCT\u3092\u63d0\u4f9b\u3057\u3001Web\u30b5\u30fc\u30d0\u3067\u306f\u3053\u306e2\u3064\u3092\u4f7f\u7528\u3057\u3066SCT\u4ed8\u304d\u306eSSL\u8a3c\u660e\u66f8\u3068\u3059\u308b\u3082\u306e\u3067\u3059\u3002<\/p>\n

<\/span>KUSANAGI\u3067\u306eCT\u5b9f\u73fe<\/span><\/h2>\n

KUSANAGI\u3067\u306f\u3001NGINX \u3092\u4f7f\u7528\u3057\u3066\u3044\u308b\u5834\u5408\u306b\u9650\u308a CT \u306b\u5bfe\u5fdc\u3057\u3066\u3044\u307e\u3059\u3002
\nKUSANAGI\u3067CT\u3092\u4f7f\u7528\u3059\u308b\u5834\u5408\u30013\u3064\u306e\u65b9\u6cd5\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n