only for RuBoard - do not distribute or recompile |
SSL and TLS protocols are specific types of messages that are sent using the record layer. The SSL v3.0/TLS standard defines three protocols:
- The Handshake protocol, which performs the initial key negotiation.
- The Alert protocol, which sends important messages about the state of the SSL/TLS connection from one side to the other.
- The ChangeCipherSpec protocol, which changes the encryption system currently in use.
- The application data protocol, which sends user data.
The SSL Handshake protocol is used to authenticate the SSL server to the client (and optionally the client to the server) and to agree upon an initial encryption algorithm and keys. The Handshake protocol is described in the next major section.
Alerts are a specific type of message that can be transmitted by the SSL/TLS record layer. Alerts consist of two parts: an AlertLevel and an AlertDescription. Both are coded as single 8-bit numbers.
The SSL v3.0 and TLS 1.0 specifications define two alert levels.
Alert level | Level name | Meaning |
---|---|---|
1 | Warning | SSL warnings indicate a problem that is not fatal. |
2 | Fatal | SSL fatal alerts immediately terminate the current SSL session. |
SSL v3.0 and TLS 1.0 define the following alerts.
SSL alert number | TLS alert number | Alert name | Meaning |
---|---|---|---|
0 | 0 | close_notify | Indicates that the sender will not send any more information. If a close_notify is sent with a warning alert level, the session may be resumed. If a close_notify is sent with a fatal alert level, the session may not be resumed. |
10 | 10 | unexpected_message | Inappropriate message was received. This alert should never occur; it indicates an error in one of the SSL implementations participating in the conversation. |
20 | 20 | bad_record_mac | Sender received a record with an incorrect MAC. Fatal. |
N/A | 21 | decryption_failed | The received data could not be decrypted. |
N/A | 22 | record_overflow | The decompressed data is larger than 16,383 bytes. |
30 | 30 | decompression_failure | Information in the record would not properly decompress. Fatal. |
40 | 40 | handshake_failure | Indicates that the sender was unable to negotiate an acceptable set of security parameters; for example, the sender was not satisfied with the encryption algorithms and strengths available on the recipient. Fatal. |
41 | N/A | no_certificate | Sent in response to a certification request if no appropriate certificate is available. |
42 | 42 | bad_certificate | Sent if a certification request fails; for example, if the certificate is corrupted, or the signature did not verify properly. |
43 | 43 | unsupported_certificate | Sent if the sender does not support the type of certificate sent by the recipient. |
44 | 44 | certificate_revoked | Sent if the sender receives a certificate that was already revoked. |
45 | 45 | certificate_expired | Sent if the sender receives a certificate that has expired. |
46 | 46 | certificate_unknown | Sent if some other error arises during the processing of the certificate. |
47 | 47 | illegal_parameter | Sent if the sender finds that another value in the handshake is out of range or inconsistent. Fatal. |
N/A | 48 | unknown_ca | A valid certificate was provided, but the CA that signed the certificate (or the chain) is not recognized or not trusted. |
N/A | 49 | access_denied | Access is not allowed because of access control restrictions that are in effect. |
N/A | 50 | decode_error | The message could not be decoded because something is out of range. |
N/A | 51 | decrypt_error | A cryptographic handshake failed or an encrypted value could not be decrypted properly. |
N/A | 60 | export_restriction | This session is not in compliance with export restrictions and must be terminated. |
N/A | 70 | protocol_version | The protocol requested by the client is recognized but not supported. (For example, an old protocol may no longer be permitted because of known security problems.) |
N/A | 71 | insufficient_security | The server requires ciphers that are more secure than the client has, so this transaction will not be allowed to continue. |
N/A | 80 | internal_error | Something is wrong; perhaps the client or the server ran out of memory or suffered a crash. |
N/A | 90 | user_canceled | The user has asked to cancel the handshake operation. |
N/A | 100 | no_renegotiation | Either the client or the server does not wish to renegotiate a key. This is a warning. |
The ChangeCipherSpec protocol is used to change from one encryption algorithm (called a strategy by the specification) to another.
To change the encryption algorithm, the client and server first negotiate a new CipherSpec and keys. They each then send a ChangeCipherSpec message, which causes the receiving process to start using the new CipherSpec and keys.
Although the CipherSpec is normally changed at the end of the SSL/TLS handshake, it can be changed at any time.
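The two-byte alert format and the effect of ChangeCipherSpec described above can be seen together by walking the records one side of a connection sends. This is an added example, not code from the original text: the content-type numbers and the 5-byte record header layout are taken from the SSL v3.0/TLS 1.0 specifications rather than from this page, and `walk_records` and both samples are constructed for illustration.

```python
import struct

# Record-layer content types (from the SSL v3.0/TLS 1.0 specifications).
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
LEVELS = {1: "warning", 2: "fatal"}
# Alert numbers from the table above; 41 exists in SSL v3.0 only.
ALERTS = {0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
          21: "decryption_failed", 22: "record_overflow", 30: "decompression_failure",
          40: "handshake_failure", 41: "no_certificate", 42: "bad_certificate",
          43: "unsupported_certificate", 44: "certificate_revoked",
          45: "certificate_expired", 46: "certificate_unknown", 47: "illegal_parameter",
          48: "unknown_ca", 49: "access_denied", 50: "decode_error", 51: "decrypt_error",
          60: "export_restriction", 70: "protocol_version", 71: "insufficient_security",
          80: "internal_error", 90: "user_canceled", 100: "no_renegotiation"}

def walk_records(stream: bytes):
    """Yield (content_type, detail) for each record sent by ONE side of a connection."""
    offset, encrypted = 0, False
    while offset < len(stream):
        if len(stream) - offset < 5:
            raise ValueError("truncated record header")
        # Header: content type (1 byte), version major/minor (2), body length (2).
        ctype, _major, _minor, length = struct.unpack_from("!BBBH", stream, offset)
        body = stream[offset + 5: offset + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        offset += 5 + length
        name = CONTENT_TYPES.get(ctype, f"unknown({ctype})")
        if encrypted:
            # After ChangeCipherSpec the body is ciphertext, so an alert's
            # level and description cannot be read without the session keys.
            yield name, "encrypted"
        elif ctype == 21 and length == 2:
            level, desc = body  # AlertLevel, AlertDescription: one byte each
            yield name, (LEVELS.get(level, f"unknown({level})"),
                         ALERTS.get(desc, f"unknown({desc})"))
        elif ctype == 20:
            encrypted = True  # later records from this sender use the new CipherSpec
            yield name, "switch"
        else:
            yield name, f"{length} bytes"

# Constructed sample 1: a plaintext fatal handshake_failure alert (level 2, number 40).
SAMPLE_FAILED = bytes.fromhex("1503010002" "0228")
# Constructed sample 2: dummy handshake record, ChangeCipherSpec, then an encrypted alert.
SAMPLE_OK = (bytes.fromhex("1603010004") + bytes(4) + bytes.fromhex("1403010001" "01")
             + bytes.fromhex("1503010018") + bytes(24))
```

When triaging a capture, this is why alerts sent during a failed handshake are readable on the wire while alerts sent after the CipherSpec change, such as a closing close_notify, appear only as an opaque record of type alert.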