1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
|
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE manualpage SYSTEM "./style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="./style/manual.en.xsl"?>
<manualpage>
<relativepath href="."/>
<title>Glossary</title>
<summary>
<p>This glossary defines some of the common terminology related to
Apache in particular, and web serving in general. More information
on each concept is provided in the links.</p>
</summary>
<section id="definitions"><title>Definitions</title>
<dl>
<dt><a name="authentication">Authentication</a></dt> <dd>The positive
identification of a network entity such as a server, a client, or a
user.<br /> See: <a
href="howto/auth.html">Authentication, Authorization, and Access
Control</a></dd>
<dt><a name="accesscontrol">Access Control</a></dt>
<dd>The restriction of access to network realms. In an Apache context
usually the restriction of access to certain <em>URLs</em>.<br />
See: <a
href="howto/auth.html">Authentication, Authorization, and Access
Control</a></dd>
<dt><a name="algorithm">Algorithm</a></dt>
<dd>An unambiguous formula or set of rules for solving a problem in
a finite number of steps. Algorithms for encryption are usually called
<dfn>Ciphers</dfn>.</dd>
<dt><a name="apacheextensiontool">APache eXtension Tool</a> <a
name="apxs">(apxs)</a></dt> <dd>A perl script that aids in compiling <a
href="#module">module</a> sources into Dynamic Shared Objects (<a
href="#dso">DSO</a>s) and helps install them in the Apache Web
server.<br /> See: <a
href="programs/apxs.html">Manual Page: apxs</a></dd>
<dt><a name="certificate">Certificate</a></dt>
<dd>A data record used for authenticating network entities such
as a server or a client. A certificate contains X.509 information pieces
about its owner (called the subject) and the signing <em>Certificate
Authority</em> (called the issuer), plus the owner's public key and the
signature made by the CA. Network entities verify these signatures using
CA certificates.<br />
See: <a href="ssl/">SSL/TLS Encryption</a></dd>
<dt><a name="certificationauthority">Certification Authority</a> <a
name="ca">(CA)</a></dt> <dd>A trusted third party whose purpose is to
sign certificates for network entities it has authenticated using
secure means. Other network entities can check the signature to verify
that a CA has authenticated the bearer of a certificate.<br />
See: <a href="ssl/">SSL/TLS Encryption</a></dd>
<dt><a name="certificatsigningrequest">Certificate Signing Request</a>
<a name="csr">(CSR)</a></dt> <dd>An unsigned certificate for
submission to a <em>Certification Authority</em>, which signs it with
the <em>Private Key</em> of their CA <em>Certificate</em>. Once the
CSR is signed, it becomes a real certificate.<br />
See: <a href="ssl/">SSL/TLS Encryption</a></dd>
<dt><a name="cipher">Cipher</a></dt> <dd>An algorithm or system for
data encryption. Examples are DES, IDEA, RC4, etc.<br />
See: <a href="ssl/">SSL/TLS Encryption</a></dd>
<dt><a name="ciphertext">Ciphertext</a></dt> <dd>The result after <a
href="#plaintext">Plaintext</a> is passed through a <a
href="#cipher">Cipher</a>.<br /> See: <a href="ssl/">SSL/TLS
Encryption</a></dd>
<dt><a name="commongatewayinterface">Common Gateway Interface</a> <a
name="cgi">(CGI)</a></dt> <dd>A standard definition for an interface
between a web server and an external program that allows the external
program to service requests. The interface was originally defined by
<a href="http://hoohoo.ncsa.uiuc.edu/cgi/overview.html">NCSA</a> but
there is also an <a href="http://cgi-spec.golux.com/">RFC
project</a>.<br />
See: <a href="howto/cgi.html">Dynamic Content with CGI</a></dd>
<dt><a name="configurationdirective">Configuration Directive</a></dt>
<dd>See: <a href="#directive">Directive</a></dd>
<dt><a name="configurationfile">Configuration File</a></dt>
<dd>A text file containing <a href="#directive">Directives</a>
that control the configuration of Apache.<br />
See: <a href="configuring.html">Configuration Files</a></dd>
<dt><a name="connect">CONNECT</a></dt> <dd>An HTTP <a
href="#method">method</a> for proxying raw data channels over HTTP. It
can be used to encapsulate other protocols, such as the SSL
protocol.</dd>
<dt><a name="context">Context</a></dt> <dd>An area in the <a
href="#configurationfile">configuration files</a> where certain types
of <a href="#directive">directives</a> are allowed.<br /> See: <a
href="mod/directive-dict.html#Context">Terms
Used to Describe Apache Directives</a></dd>
<dt><a name="digitalsignature">Digital Signature</a></dt>
<dd>An encrypted text block that validates a certificate or other file. A
<em>Certification Authority</em> creates a signature by generating a
hash of the <em>Public Key</em> embedded in a <em>Certificate</em>, then
encrypting the hash with its own <em>Private Key</em>. Only the CA's
public key can decrypt the signature, verifying that the CA has
authenticated the network entity that owns the <em>Certificate</em>.<br />
See: <a href="ssl/">SSL/TLS Encryption</a></dd>
<dt><a name="directive">Directive</a></dt> <dd>A configuration command
that controls one or more aspects of Apache's behavior. Directives
are placed in the <a href="#configurationfile">Configuration
File</a><br /> See: <a href="mod/directives.html">Directive
Index</a></dd>
<dt><a name="dynamicsharedobject">Dynamic Shared Object</a> <a
name="dso">(DSO)</a></dt> <dd><a href="#module">Modules</a> compiled
seperately from the Apache httpd binary that can be loaded on-demand.<br />
See: <a href="dso.html">Dynamic Shared Object Support</a></dd>
<dt><a name="environmentvariable">Environment Variable</a> <a
name="env-variable">(env-variable)</a></dt>
<dd>Named variables managed by the operating system shell
and used to store information and communicate between programs. Apache also
contains internal variables that are referred to as environment variables,
but are stored in internal Apache structures, rather than in the
shell environment.<br />
See: <a href="env.html">Environment Variables in Apache</a></dd>
<dt><a name="export-crippled">Export-Crippled</a></dt>
<dd>Diminished in cryptographic strength (and security) in order to comply
with the United States' Export Administration Regulations (EAR).
Export-crippled cryptographic software is limited to a small key size,
resulting in <em>Ciphertext</em> which usually can be decrypted by brute
force.<br />
See: <a href="ssl/">SSL/TLS Encryption</a></dd>
<dt><a name="filter">Filter</a></dt> <dd>A process that is applied to
data that is sent or received by the server. Input filters process
data sent by the client to the server, while output filters process
documents on the server before they are sent to the client. For
examle, the <code>INCLUDES</code> output filter processes documents
for <a href="#ssi">Server Side Includes</a>.<br /> See: <a
href="filter.html">Filters</a></dd>
<dt><a name="fully-qualifieddomain-name">Fully-Qualified
Domain-Name</a> <a name="fqdn">(FQDN)</a></dt> <dd>The unique name of
a network entity, consisting of a hostname and a domain name that can
resolve to an IP address. For example, <code>www</code> is a hostname,
<code>example.com</code> is a domain name, and
<code>www.example.com</code> is a fully-qualified domain name.</dd>
<dt><a name="handler">Handler</a></dt> <dd>An internal Apache
representation of the action to be performed when a file is
called. Generally, files have implicit handlers, based on the file
type. Normally, all files are simply served by the server, but certain
file types are "handled" separately. For example, the
<code>cgi-script</code> handler designates files to be processed as <a
href="#cgi">CGIs</a>.<br />
See: <a href="handler.html">Apache's Handler Use</a></dd>
<dt><a name="header">Header</a></dt>
<dd>The part of the <a href="#http">HTTP</a> request and response that
is sent before the actual content, and that contains meta-information
describing the content.</dd>
<dt><a name=".htaccess">.htaccess</a></dt> <dd>A <a
href="#configurationfile">configuration file</a> that is placed inside
the web tree and applies configuration <a
href="#directive">directives</a> to the directory where it is placed
and all sub-directories. Despite its name, this file can hold almost
any type of directive, not just access-control directives.<br />
See: <a href="configuring.html">Configuration Files</a></dd>
<dt><a name="httpd.conf">httpd.conf</a></dt>
<dd>The main Apache <a href="#configurationfile">configuration file</a>.
The default location is <code>/usr/local/apache2/conf/httpd.conf</code>,
but it may be moved using run-time or compile-time configuration.<br />
See: <a href="configuring.html">Configuration Files</a></dd>
<dt><a name="hypertexttransferprotocol">HyperText Transfer
Protocol</a> <a name="http">(HTTP)</a></dt> <dd>The standard
transmission protocol used on the World Wide Web. Apache implements
version 1.1 of the protocol, refered to as HTTP/1.1 and defined by <a
href="http://ietf.org/rfc/rfc2616.txt">RFC 2616</a>.</dd>
<dt><a name="https">HTTPS</a></dt>
<dd>The HyperText Transport Protocol (Secure), the standard encrypted
communication mechanism on the World Wide Web. This is actually just HTTP
over <a name="ssl">SSL</a>.<br />
See: <a href="ssl/">SSL/TLS Encryption</a></dd>
<dt><a name="method">Method</a></dt> <dd>In the context of <a
href="#http">HTTP</a>, an action to perform on a resource, specified
on the request line by the client. Some of the methods available in
HTTP are <code>GET</code>, <code>POST</code>, and <code>PUT</code>.</dd>
<dt><a name="messagedigest">Message Digest</a></dt>
<dd>A hash of a message, which can be used to verify that the contents of
the message have not been altered in transit.<br />
See: <a href="ssl/">SSL/TLS Encryption</a></dd>
<dt><a name="mime-type">MIME-type</a></dt> <dd>A way to describe the
kind of document being transmitted. Its name comes from that fact
that its format is borrowed from the Multipurpose Internet Mail
Extensions. It consists of a major type and a minor type, separated
by a slash. Some examples are <code>text/html</code>,
<code>image/gif</code>, and <code>application/octet-stream</code>. In
HTTP, the MIME-type is transmitted in the <code>Content-Type</code> <a
href="#header">header</a>.<br /> See: <a
href="mod/mod_mime.html">mod_mime</a></dd>
<dt><a name="module">Module</a></dt> <dd>An independent part of a
program. Much of Apache's functionality is contained in modules that
you can choose to include or exclude. Modules that are compiled into
the Apache httpd binary are called <em>static modules</em>, while
modules that are stored seperately and can be optionally loaded at
run-time are called <em>dynamic modules</em> or <a
href="#dso">DSOs</a>. Modules that are included by default are called
<em>base modules</em>. Many modules are available for Apache that are
not distributed as part of the Apache HTTP Server <a
href="#tarball">tarball</a>. These are referred to as <em>third-party
modules</em>.<br />
See: <a href="mod/">Module Index</a></dd>
<dt><a name="modulemagicnumber">Module Magic Number</a> (<a
name="mmn">MMN</a>)</dt>
<dd>
Module Magic Number is a constant defined in the Apache source code
that is associated with binary compatibility of modules. It is changed
when internal Apache structures, function calls and other significant
parts of API change in such a way that binary compatiblity cannot be
guaranteed any more. On MMN change, all third party modules have to be
at least recompiled, sometimes even slightly changed in order to work
with the new version of Apache.
</dd>
<dt><a name="openssl">OpenSSL</a></dt>
<dd>The Open Source toolkit for SSL/TLS<br />
see <a href="http://www.openssl.org/">http://www.openssl.org/</a></dd>
<dt><a name="passphrase">Pass Phrase</a></dt> <dd>The word or phrase
that protects private key files. It prevents unauthorized users from
encrypting them. Usually it's just the secret encryption/decryption
key used for <a name="cipher">Ciphers</a>.<br /> See: <a
href="ssl/">SSL/TLS Encryption</a></dd>
<dt><a name="plaintext">Plaintext</a></dt>
<dd>The unencrypted text.</dd>
<dt><a name="privatekey">Private Key</a></dt> <dd>The secret key in a
<a name="publickeycryptography">Public Key Cryptography</a> system,
used to decrypt incoming messages and sign outgoing ones.<br />
See: <a href="ssl/">SSL/TLS Encryption</a></dd>
<dt><a name="proxy">Proxy</a></dt> <dd>An intermediate server that
sits between the client and the <em>origin server</em>. It accepts
requests from clients, transmits those requests on to the origin
server, and then returns the response from the origin server to the
client. If several clients request the same content, the proxy
can deliver that content from its cache, rather than requesting it
from the origin server each time, thereby reducing response time.<br />
See: <a href="mod/mod_proxy.html">mod_proxy</a></dd>
<dt><a name="publickey">Public Key</a></dt> <dd>The publically
available key in a <a name="publickeycryptography">Public Key
Cryptography</a> system, used to encrypt messages bound for its owner
and to decrypt signatures made by its owner.<br />
See: <a href="ssl/">SSL/TLS Encryption</a></dd>
<dt><a name="publickeycryptography">Public Key Cryptography</a></dt>
<dd>The study and application of asymmetric encryption systems, which
use one key for encryption and another for decryption. A corresponding
pair of such keys constitutes a key pair. Also called Asymmetric
Crypography.<br /> See: <a href="ssl/">SSL/TLS Encryption</a></dd>
<dt><a name="regularexpresion">Regular Expression</a> <a
name="regex">(Regex)</a></dt> <dd>A way of
describing a pattern in text - for example, "all the words that begin with the
letter A" or "every 10-digit phone number" or even "Every sentence
with two commas in it, and no capital letter Q". Regular expressions
are useful in Apache because they let you apply certain
attributes against collections of files or resources in very flexible
ways - for example, all .gif and .jpg files under any "images"
directory could be written as "<code>/images/.*(jpg|gif)$</code>".
Apache uses Perl Compatible Regular Expressions provided by the
<a href="http://www.pcre.org/">PCRE</a> library.</dd>
<dt><a name="reverseproxy">Reverse Proxy</a></dt> <dd>A <a
href="#proxy">proxy</a> server that appears to the client as if it is
an <em>origin server</em>. This is useful to hide the real origin
server from the client for security reasons, or to load balance.</dd>
<dt><a name="securesocketslayer">Secure Sockets Layer</a> <a
name="ssl">(SSL)</a></dt> <dd>A protocol created by Netscape
Communications Corporation for general communication authentication
and encryption over TCP/IP networks. The most popular usage is
<em>HTTPS</em>, i.e. the HyperText Transfer Protocol (HTTP) over SSL.<br />
See: <a href="ssl/">SSL/TLS Encryption</a></dd>
<dt><a name="serversideincludes">Server Side Includes</a> <a
name="ssi">(SSI)</a></dt> <dd>A technique for embedding processing
directives inside HTML files.<br /> See: <a
href="howto/ssi.html">Introduction to Server Side Includes</a></dd>
<dt><a name="session">Session</a></dt>
<dd>The context information of a communication in general.</dd>
<dt><a name="ssleay">SSLeay</a></dt>
<dd>The original SSL/TLS implementation library developed by
Eric A. Young</dd>
<dt><a name="symmetriccryptophraphy">Symmetric Cryptography</a></dt>
<dd>The study and application of <em>Ciphers</em> that use a single secret key
for both encryption and decryption operations.<br />
See: <a href="ssl/">SSL/TLS Encryption</a></dd>
<dt><a name="tarball">Tarball</a></dt>
<dd>A package of files gathered together using the <code>tar</code>
utility. Apache distributions are stored in compressed tar archives
or using pkzip.</dd>
<dt><a name="transportlayersecurity">Transport Layer Security</a> <a
name="tls">(TLS)</a></dt> <dd>The successor protocol to SSL, created
by the Internet Engineering Task Force (IETF) for general
communication authentication and encryption over TCP/IP networks. TLS
version 1 and is nearly identical with SSL version 3.<br />
See: <a href="ssl/">SSL/TLS Encryption</a></dd>
<dt><a name="uniformresourcelocator">Uniform Resource Locator</a> <a
name="url">(URL)</a></dt> <dd>The name/address of a resource on the
Internet. This is the common informal term for what is formally
called a <a href="#uniformresourceidentifier">Uniform Resource
Identifier</a>. URLs are usually made up of a scheme, like
<code>http</code> or <code>https</code>, a hostname, and a path. A
URL for this page is
<code>http://httpd.apache.org/docs-2.1/glossary.html</code>.</dd>
<dt><a name="uniformresourceidentifier">Uniform Resource Identifier</a> <a
name="URI">(URI)</a></dt> <dd>A compact string of characters for
identifying an abstract or physical resource. It is formally defined
by <a href="http://www.ietf.org/rfc/rfc2396.txt">RFC 2396</a>.
URIs used on the world-wide web are commonly referred to
as <a href="#url">URLs</a>.</dd>
<dt><a name="virtualhosting">Virtual Hosting</a></dt> <dd>Serving
multiple websites using a single instance of Apache. <em>IP virtual
hosting</em> differentiates between websites based on their IP
address, while <em>name-based virtual hosting</em> uses only the name
of the host and can therefore host many sites on the same IP
address.<br /> See: <a href="vhosts/">Apache Virtual Host
documentation</a></dd>
<dt><a name="x.509">X.509</a></dt> <dd>An authentication certificate
scheme recommended by the International Telecommunication Union
(ITU-T) which is used for SSL/TLS authentication.<br /> See: <a
href="ssl/">SSL/TLS Encryption</a></dd>
</dl>
</section>
</manualpage>
|