Cheatsheet: Difference between revisions

Line 456:
Client Key Exchange (16)
Finished (20)
 
AlwaysFinished Messages are always sent immediately after a Change Cipher Spec message in order to verify that the key exchange and authentication processes were successful.
The Finished message is the first protected packet with the most recently negotiated algorithms, keys, and secrets.
No acknowledgment of the Finished message is required; parties can begin to send encrypted data immediately after they send the Finished message.
Recipients of Finished messages must verify that the contents are correct.
 
* Hello Request
 
*Change Cipher Spec protocol:
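
Review bot: The Finished description after "Finished (20)" is plain running text in the middle of the handshake message list, and its first sentence writes "Finished Messages" while the next three lines write "Finished message" and "Finished messages". Indent or bullet these four lines under the Finished entry and settle on one capitalisation. The "* Hello Request" bullet that follows has no description, so either add one or drop the bullet.
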
Line 463 ⟶ 470:
Might or might not be encrypted; in a simple connection with single handshake, the CCS record is not encrypted.
 
*Alert Records are used in order to indicate to the peer that a condition has occured.
*Finished Messages
Some alerts are warnings, while others are fatal and cause the connection to fail.
Always sent immediately after a Change Cipher Spec message in order to verify that the key exchange and authentication processes were successful.
Alerts might or might not be encrypted, and might occur during a handshake or during data transfer.
The Finished message is the first protected packet with the most recently negotiated algorithms, keys, and secrets.
There are two types of alerts:
No acknowledgment of the Finished message is required; parties can begin to send encrypted data immediately after they send the Finished message.
Closure Alerts: The connection must be properly closed in order to avoid any kind of truncation attacks.
Recipients of Finished messages must verify that the contents are correct.
A close_notify message indicates to the recipient that the sender will not send anymore messages on that connection.
Error Alerts: When an error is detected, the detecting party sends a message to the other party.
Upon transmission or receipt of a fatal alert message, both parties immediately close the connection.
Example:
unexpected_message (fatal)
decompression_failure
handshake_failure
 
*Application Data Record
* Hello Request
These records contain the actual application data.
These messages are carried by the record layer and are fragmented, compressed, and encrypted, based on the current connection state.
 
= NetScaler =
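
Review bot: In the alert example list only "unexpected_message (fatal)" carries a severity; mark decompression_failure and handshake_failure the same way or drop the "(fatal)" so the three entries read consistently. In the same Alert Records text, "occured" should be "occurred" and "anymore messages" should be "any more messages". The bullet "*Alert Records are used in order to indicate..." runs the heading into its first sentence, unlike "*Application Data Record", and "Closure Alerts:" and "Error Alerts:" have no list markup, so the two alert types are not set apart from the sentences around them.
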