B.3 SSL/TLS Protocols

SSL and TLS protocols are specific types of messages that are sent using the record layer. The SSL v3.0/TLS standard defines three protocols:

  • The Handshake protocol, which performs the initial key negotiation.

  • The Alert protocol, which sends important messages about the state of the SSL/TLS connection from one side to the other.

  • The ChangeCipherSpec protocol, which changes the encryption system currently in use.

  • The application data protocol, which sends user data.

B.3.1 Handshake Protocol

The SSL Handshake protocol is used to authenticate the SSL server to the client (and optionally the client to the server) and to agree upon an initial encryption algorithm and keys. The Handshake protocol is described in the next major section.

B.3.2 Alert Protocol

Alerts are a specific type of message that can be transmitted by the SSL/TLS record layer. Alerts consist of two parts: an AlertLevel and an AlertDescription. Both are coded as single 8-bit numbers.

The SSL v3.0 and TLS 1.0 specifications define two alert levels.

| Alert level | Level name | Meaning |
|---|---|---|
| 1 | Warning | SSL warnings indicate a problem that is not fatal. |
| 2 | Fatal | SSL fatal alerts immediately terminate the current SSL session. |

SSL v3.0 and TLS 1.0 define the following alerts.

| SSL alert number | TLS alert number | Alert name | Meaning |
|---|---|---|---|
| 0 | 0 | close_notify | Indicates that the sender will not send any more information. If a close_notify is sent with a warning alert level, the session may be resumed. If a close_notify is sent with a fatal alert level, the session may not be resumed. |
| 10 | 10 | unexpected_message | Inappropriate message was received. This alert should never occur; it indicates an error in one of the SSL implementations participating in the conversation. |
| 20 | 20 | bad_record_mac | Sender received a record with an incorrect MAC. Fatal. |
| N/A | 21 | decryption_failed | The received data could not be decrypted. |
| N/A | 22 | record_overflow | The decompressed data is larger than 16,383 bytes. |
| 30 | 30 | decompression_failure | Information in the record would not properly decompress. Fatal. |
| 40 | 40 | handshake_failure | Indicates that the sender was unable to negotiate an acceptable set of security parameters; for example, the sender was not satisfied with the encryption algorithms and strengths available on the recipient. Fatal. |
| 41 | N/A | no_certificate | Sent in response to a certification request if no appropriate certificate is available. |
| 42 | 42 | bad_certificate | Sent if a certification request fails; for example, if the certificate is corrupted, or the signature did not verify properly. |
| 43 | 43 | unsupported_certificate | Sent if the sender does not support the type of certificate sent by the recipient. |
| 44 | 44 | certificate_revoked | Sent if the sender receives a certificate that was already revoked. |
| 45 | 45 | certificate_expired | Sent if the sender receives a certificate that has expired. |
| 46 | 46 | certificate_unknown | Sent if some other error arises during the processing of the certificate. |
| 47 | 47 | illegal_parameter | Sent if the sender finds that another value in the handshake is out of range or inconsistent. Fatal. |
| N/A | 48 | unknown_ca | A valid certificate was provided, but the CA that signed the certificate (or the chain) is not recognized or not trusted. |
| N/A | 49 | access_denied | Access is not allowed because of access control restrictions that are in effect. |
| N/A | 50 | decode_error | The message could not be decoded because something is out of range. |
| N/A | 51 | decrypt_error | A cryptographic handshake failed or an encrypted value could not be decrypted properly. |
| N/A | 60 | export_restriction | This session is not in compliance with export restrictions and must be terminated. |
| N/A | 70 | protocol_version | The protocol requested by the client is recognized but not supported. (For example, an old protocol may no longer be permitted because of known security problems.) |
| N/A | 71 | insufficient_security | The server requires ciphers that are more secure than the client has, so this transaction will not be allowed to continue. |
| N/A | 80 | internal_error | Something is wrong; perhaps the client or the server ran out of memory or suffered a crash. |
| N/A | 90 | user_canceled | The user has asked to cancel the handshake operation. |
| N/A | 100 | no_renegotiation | Either the client or the server does not wish to renegotiate a key. This is a warning. |

B.3.3 ChangeCipherSpec Protocol

The ChangeCipherSpec protocol is used to change from one encryption algorithm (called a strategy by the specification) to another.

To change the encryption algorithm, the client and server first negotiate a new CipherSpec and keys. They each then send a ChangeCipherSpec message, which causes the receiving process to start using the new CipherSpec and keys.

Although the CipherSpec is normally changed at the end of the SSL/TLS handshake, it can be changed at any time.
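
The following Python code is an added example, not taken from the book. It walks the records one peer sent, decodes plaintext alerts using the alert levels and TLS alert numbers tabulated in B.3.2, and treats every alert after that peer's ChangeCipherSpec as opaque, because those records are protected by the new CipherSpec. The content-type values 20 and 21 and the 5-byte record header come from the record layer specification rather than this section; the names decode_alert, walk_records and SAMPLE are hypothetical, and the sample stream is constructed.

```python
import struct

# Content types and the 5-byte header (type, version, length) are taken from the
# SSL v3.0/TLS record layer specification, not from this section (assumption).
CHANGE_CIPHER_SPEC, ALERT = 20, 21
LEVELS = {1: "warning", 2: "fatal"}
# TLS alert numbers from the table in B.3.2; 41 is the SSL v3.0-only no_certificate.
ALERTS = {
    0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
    21: "decryption_failed", 22: "record_overflow", 30: "decompression_failure",
    40: "handshake_failure", 41: "no_certificate", 42: "bad_certificate",
    43: "unsupported_certificate", 44: "certificate_revoked", 45: "certificate_expired",
    46: "certificate_unknown", 47: "illegal_parameter", 48: "unknown_ca", 49: "access_denied",
    50: "decode_error", 51: "decrypt_error", 60: "export_restriction", 70: "protocol_version",
    71: "insufficient_security", 80: "internal_error", 90: "user_canceled", 100: "no_renegotiation",
}
FATAL_ONLY = {20, 30, 40, 47}  # rows the table marks "Fatal"

def decode_alert(body):
    """Decode a plaintext alert body: AlertLevel byte, then AlertDescription byte."""
    if len(body) != 2:
        return ("malformed", None, ["alert body is not 2 bytes"])
    level, desc = body
    notes = []
    if level not in LEVELS:
        notes.append("undefined alert level")
    elif desc in FATAL_ONLY and level != 2:
        notes.append("fatal-only alert sent as warning")
    elif desc == 100 and level != 1:
        notes.append("no_renegotiation is defined as a warning")
    return (LEVELS.get(level, str(level)), ALERTS.get(desc, f"unknown({desc})"), notes)

def walk_records(stream):
    """Walk the records one peer sent; alerts after its ChangeCipherSpec are opaque."""
    out, protected, off = [], False, 0
    while off + 5 <= len(stream):
        ctype, _major, _minor, length = struct.unpack_from("!BBBH", stream, off)
        body = stream[off + 5 : off + 5 + length]
        if len(body) < length:
            return out + [("truncated", ctype)]
        off += 5 + length
        if ctype == ALERT:
            out.append(("alert", "protected" if protected else decode_alert(body)))
        else:
            out.append(("record", ctype))
        protected = protected or ctype == CHANGE_CIPHER_SPEC  # later records use new CipherSpec
    return out

# Constructed stream: warning handshake_failure, ChangeCipherSpec, 22-byte protected alert.
SAMPLE = bytes.fromhex("1503010002 0128 1403010001 01 1503010016") + bytes(22)
```

For triage, a "fatal-only alert sent as warning" note points at a non-conforming peer, and an alert reported as "protected" can only be read by an endpoint that holds the session keys.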

Web Security, Privacy and Commerce, 2nd Edition
ISBN: 0596000456
EAN: 2147483647
Year: 2000
Pages: 194
