Finding the answers to specific SSL questions |
 |
EXPERT RESPONSE FROM: Jonathan Callas
|
|
|
| > |
QUESTION POSED ON: 11 September 2002
I have a couple questions about SSL. First of all, why does SSL have a Change Cipher Spec Protocol that contains only the change_cipher_spec message? Why was the change_cipher_spec message just not defined in the Handshake Protocol? I'm sure there is a reason that a separate protocol was created, but I have not been able to find it.
My second question is about the client and server secrets and keys in the
connection state. Why are there two write MAC secrets (one for the client
and one for the server) and two write keys (one for the client and one for
the server) in the connection state? I can understand why one MAC secret and one write key would be needed, but I can't understand why there are two
of each. Aren't these secrets and keys symmetric, meaning only one key/secret is needed?
Any help you could give me on this would be greatly appreciated.
|
|
|
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
The best place to find the answers to your questions would be the SSL/TLS working group mailing lists in
the IETF. Many questions -- like "why did you do it this way" are best
answered by the people who actually did it. Here is information about the
working group mailing lists:
General Discussion: ietf-tls@lists.certicom.com
To Subscribe: ietf-tls-request@lists.certicom.com
Archive: http://www.imc.org/ietf-tls/mail-archive
|
|
|
|
|
|
|
|
Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and
answer pairs from more than 250 TechTarget industry experts.
|
|
|
|
|
|
|
|
|
|
|
|
