Online Documentation Server
 ПОИСК
ods.com.ua Web
 КАТЕГОРИИ
Home
Programming
Net technology
Unixes
Security
RFC, HOWTO
Web technology
Data bases
Other docs

 


 ПОДПИСКА

 О КОПИРАЙТАХ
Вся предоставленная на этом сервере информация собрана нами из разных источников. Если Вам кажется, что публикация каких-то документов нарушает чьи-либо авторские права, сообщите нам об этом.




The SSL Protocol

Version 3.0

Internet Draft

March 1996 (Expires 9/96)

Alan O. Freier, Netscape Communications
Philip Karlton, Netscape Communications
Paul C. Kocher, Independent Consultant


Table of Contents

1. Status of this memo

2. Abstract

3. Introduction

4. Goals

5. Goals of this document

6. Presentation language

6.1 Basic block size
6.2 Miscellaneous
6.3 Vectors
6.4 Numbers
6.5 Enumerateds
6.6 Constructed types
6.6.1 Variants
6.7 Cryptographic attributes
6.8 Constants
7. SSL protocol
7.1 Session and connection states
7.2 Record layer
7.2.1 Fragmentation
7.2.2 Record compression and decompression
7.2.3 Record payload protection and the CipherSpec
7.3 Change cipher spec protocol
7.4 Alert protocol
7.4.1 Closure alerts
7.4.2 Error alerts
7.5 Handshake protocol overview
7.6 Handshake protocol
7.6.1 Hello messages
7.6.2 Server certificate
7.6.3 Server key exchange message
7.6.4 Certificate request
7.6.5 Server hello done
7.6.6 Client certificate
7.6.7 Client key exchange message
7.6.8 Certificate verify
7.6.9 Finished
7.7 Application data protocol
8. Cryptographic computations
8.1 Asymmetric cryptographic computations
8.1.1 RSA
8.1.2 Diffie-Hellman
8.1.3 Fortezza
8.2 Symmetric cryptographic calculations and the CipherSpec
8.2.1 The master secret
8.2.2 Converting the master secret into keys and MAC secrets

Appendices

A. Protocol constant values
A.1 Reserved port assignments
A.1.1 Record layer
A.2 Change cipher specs message
A.3 Alert messages
A.4 Handshake protocol
A.4.1 Hello messages
A.4.2 Server authentication and key exchange messages
A.5 Client authentication and key exchange messages
A.5.1 Handshake finalization message
A.6 The CipherSuite
A.7 The CipherSpec
B. Glossary

C. CipherSuite definitions

D. Implementation Notes

D.1 Temporary RSA keys
D.2 Random Number Generation and Seeding
D.3 Certificates and authentication
D.4 CipherSuites
E. Version 2.0 Backward Compatibility
E.1 Version 2 client hello
E.2 Avoiding man-in-the-middle version rollback
F. Security analysis
F.1 Handshake protocol
F.1.1 Authentication and key exchange
F.1.2 Version rollback attacks
F.1.3 Detecting attacks against the handshake protocol
F.1.4 Resuming sessions
F.1.5 MD5 and SHA
F.2 Protecting application data
F.3 Final notes
G. Patent Statement

References

Authors

Other contributors

Early reviewers

SSL Version 3.0 - March 1996



With any suggestions or questions please feel free to contact us