Cheatsheet: Difference between revisions
Line 456: | Line 456: | ||
Client Key Exchange (16) |
Client Key Exchange (16) |
||
Finished (20) |
Finished (20) |
||
*Change Cipher Spec protocol: |
*Change Cipher Spec protocol: |
||
Line 463: | Line 470: | ||
Might or might not be encrypted; in a simple connection with single handshake, the CCS record is not encrypted. |
Might or might not be encrypted; in a simple connection with single handshake, the CCS record is not encrypted. |
||
*Alert Records are used in order to indicate to the peer that a condition has occurred. |
|||
*Finished Messages |
|||
Some alerts are warnings, while others are fatal and cause the connection to fail. |
|||
Alerts might or might not be encrypted, and might occur during a handshake or during data transfer. |
|||
There are two types of alerts: |
|||
Closure Alerts: The connection must be properly closed in order to avoid any kind of truncation attacks. |
|||
A close_notify message indicates to the recipient that the sender will not send any more messages on that connection. |
|||
Error Alerts: When an error is detected, the detecting party sends a message to the other party. |
|||
Upon transmission or receipt of a fatal alert message, both parties immediately close the connection. |
|||
Example: |
|||
unexpected_message (fatal) |
|||
decompression_failure |
|||
handshake_failure |
|||
*Application Data Record |
|||
These records contain the actual application data. |
|||
These messages are carried by the record layer and are fragmented, compressed, and encrypted, based on the current connection state. |
|||
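An added example (not part of the original cheatsheet) for the Alert Records item above: it walks the TLS records received from one peer, decodes plaintext alerts, and reports a stream that ends without close_notify as a possible truncation. The record layout and numeric codes follow RFC 5246; the function names and sample byte strings are constructed for illustration, and encrypted alerts are only noted, not decoded.

```python
import struct

ALERT = 21  # record content type for alerts (RFC 5246)
LEVELS = {1: "warning", 2: "fatal"}
DESCRIPTIONS = {0: "close_notify", 10: "unexpected_message",
                30: "decompression_failure", 40: "handshake_failure"}

def record(ctype, payload):
    """Build one TLS 1.2 record (used only for the constructed samples)."""
    return struct.pack("!BHH", ctype, 0x0303, len(payload)) + payload

def iter_records(stream):
    """Yield (content_type, payload) for each complete record in stream."""
    pos = 0
    while pos + 5 <= len(stream):
        ctype, _version, length = struct.unpack_from("!BHH", stream, pos)
        payload = stream[pos + 5:pos + 5 + length]
        if len(payload) < length:
            break  # capture ends in the middle of a record
        yield ctype, payload
        pos += 5 + length

def summarize(stream):
    """Decode plaintext alerts and classify how the stream ended."""
    alerts, ending = [], "truncated"  # no close_notify seen yet
    for ctype, payload in iter_records(stream):
        if ctype != ALERT:
            continue
        if len(payload) != 2:  # an encrypted alert is longer than 2 bytes
            alerts.append(("unknown", "encrypted_or_malformed"))
            ending = "undetermined"
            continue
        level, desc = payload
        name = DESCRIPTIONS.get(desc, f"alert_{desc}")
        alerts.append((LEVELS.get(level, f"level_{level}"), name))
        if name == "close_notify":
            ending = "clean_close"
            break
        if level == 2:  # fatal: both parties close immediately
            ending = "fatal_alert"
            break
    return {"alerts": alerts, "ending": ending}

# Constructed samples: application data (type 23) followed by various endings.
APP = record(23, b"\x00" * 8)
CLEAN = APP + record(ALERT, b"\x01\x00")   # warning, close_notify
CUT = APP                                  # peer vanished without close_notify
FATAL = record(ALERT, b"\x02\x28")         # fatal, handshake_failure
```

A result of `truncated` means the byte stream stopped without a decodable close_notify, which is the condition the closure alert exists to rule out.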
= NetScaler = |
= NetScaler = |