java - Is it necessary to add signature verification based on HTTPS two-way authentication?

Question

Direct communication between enterprise systems is based on HTTPS two-way authentication. Is it necessary to add additional signature verification to key fields? It involves accounting and security, please give me some advice from someone with relevant experience!

伊谢尔伦 · Answer

HTTPS itself uses encrypted transmission.
Look at what kind of encryption your HTTPS certificate uses. SHA256 is originally a very high-level encryption method.
How many years is it expected that the current SSL encryption technology will be easily cracked?

And security is not only the security of the transmission process, but also involves other aspects. If you still can’t trust these encryption methods, then add another layer!

曾经蜡笔没有小新 · Answer

https can only ensure communication security
Digital signature can prevent repudiation

Php8, I'm coming too

Learn website layout in 30 minutes

Shangguan Oracle Beginner to Proficient Video Tutorial

Your first line of UNI-APP code

Flutter from scratch to app launch

Brother Lian New Linux Video Tutorial

AXURE 9 Video Tutorial (Suitable for Product Manager Interactive Product Design UI)

Zero Basic Proficiency PS Video Tutorial

16 day UI video tutorial to get you started

PS Techniques and Slicing Techniques Video Tutorial

Alibaba Cloud Environment Construction and Project Launch Video Tutorial

Overview of Computer Networks - Basic Knowledge that Programmers Must Master

Essential Tutorial for Programmers - HTTP Protocol Explanation

Websocket Video Tutorial