NSURLConnection在https上的安全性如何 [英] how secure is NSURLConnection over https

问题描述

我已经阅读了本网站上有关NSURLConnection和https的许多问题，但大多数问题都与不受信任的"证书以及如何允许它们有关.我的问题比较基本.我正在为处理在线捐赠的客户构建一个应用程序，我想使用NSLURLRequest加载他们的捐赠脚本并过帐信用卡详细信息的值(在应用程序中输入).当将这些详细信息发送到我的客户端服务器上的捐赠脚本时，NSURLConnection(在连接到https URL时)是否确保对这些详细信息进行加密?抱歉，如果这是一个基本问题，我只是无法在苹果文档中找到保证这一点的地方.

I've been reading through a number of questions on this site regarding NSURLConnection and https, but most relate to "untrusted" certificates and how to allow them nonetheless. My question is a little more basic. I am building an app for a client who handle online donations, and I would like to load their donation script using an NSLURLRequest and POST the values of credit card details (entered in the app). Does NSURLConnection (when connecting to a https url) ensure the encryption of those details as they are sent to the donation script on my clients server? Sorry if this is a basic question, I just couldn't find a place in the apple docs that guaranteed this.

推荐答案

要求使用受信任的证书可以防止假冒和中间人攻击.加密将达到服务器要求的安全性.

Requiring trusted certificates prevents impersonation and man-in-the-middle attacks. The encryption will be as secure as the server requires.

这篇关于NSURLConnection在https上的安全性如何的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！