SlideShare a Scribd company logo

TLS,OCSP.pptx

Download as PPTX, PDF
A
AbrarAhmed331135

tls

Education
1 of 15
TLS 1.3 Handshake
Key Exchange ClientHello The TLS handshake begins with the client sending a ClientHello message to the server. This message contains the following fields: • Cipher_Suites • Extensions • Supported_Version • Status_request • Supported_groups • Key_share • Group • Key_exchange • Pre_Shared_key ServerHello The server responds to the client’s ClientHello message with a ServerHello message if it’s able to negotiate an acceptable set of handshake parameters. This message contains the following fields: • Cipher_suite • Extension • Supported_versions • Key_share • Pre_shared_key The server sends other extensions separately in the EncryptedExtensions message.
Server Parameters After the server sends a ServerHello message to the client, it sends two messages to establish server parameters: EncryptedExtensions and CertificateRequest: • EncryptedExtensions: This message contains responses to ClientHello extensions that are not required to determine cryptographic parameters other than those that are specific to individual certificates. • CertificateRequest: If certificate-based client authentication is desired, then this message is sent. It contains parameters for a certificate requested from the client. It includes the following fields: • certificate_request_context • Extensions • signature_algorithms • signature_algorithms_cert • certificate_authorities • supported_groups
Authentication Certificate • This message contains the authentication certificate and any other supporting certificates in the certificate chain. • The server must send this message if the key exchange method uses certificates for authentication. • The client must send this if and only if the server requested client authentication through a CertificateRequest message. The certificate message includes the following fields: • certificate_list • extensions: Extensions that the Certificate message may contain include the following: • status_request • signed_certificate_timestamp CertificateVerify • This message contains a signature over the entire handshake using the private key corresponding to the public key in the Certificate message. • It provides proof that the client or the server has the private key corresponding to its certificate. This message includes the following fields: • Algorithm • signature Finished • This message contains a Message Authentication Code (MAC) over the entire handshake. Once the client and server have verified the Finished messages that they have received from their peers, both sides may send and receive application data over the connection.
Post-Handshake Messages The client and server can send other messages after the handshake: new session ticket message, post-handshake authentication, and key update. New Session Ticket Message • The NewSessionTicket message, sent by the server after it receives the Finished message, contains a pre- shared key that the client then may use for future handshakes. Post-Handshake Authentication • If client sent the post_handshake_auth extension, the server may request client authentication at any time after the handshake by sending a CertificateRequest message. If the client authenticates, then it must send Certificate, CertificateVerify, and Finished messages. If the client declines, then it must send a Certificate message that contains no certificates and the Finished message. KeyUpdate Message • The KeyUpdate handshake message is used to indicate that the sender is updating its sending cryptographic keys. It replaces the ChangeCipherSpec message in TLS 1.2. • You can specify a limit on the amount of data an algorithm may encrypt with a specific set of keys with the jdk.tls.keyLimits Security Property. See Limiting the amount of data that algorithms can encrypt with a set of keys.
Session resumption with a pre-shared key TLS 1.3 handshake that establishes a PSK TLS 1.3 handshake that uses a PSK
Online Certificate Status Protocol • OCSP is used to Determine x509 certificate revocation status during the Transport Layer Security(TLS) handshake. • Certificate Revocation List (CRL) • Client Driven OCSP • OCSP Stapling
Client-Driven OCSP
TLS,OCSP.pptx

Recommended

SSL TLS Protocol
SSL TLS ProtocolSSL TLS Protocol
SSL TLS ProtocolDevang Badrakiya
 
Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer SecurityHuda Seyam
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)Arun Shukla
 
Understanding transport-layer_security__ssl
Understanding transport-layer_security__sslUnderstanding transport-layer_security__ssl
Understanding transport-layer_security__sslMainak Goswami
 
Fundamental of Secure Socket Layer (SSl) | Part - 1
Fundamental of Secure Socket Layer (SSl) | Part - 1Fundamental of Secure Socket Layer (SSl) | Part - 1
Fundamental of Secure Socket Layer (SSl) | Part - 1Vishal Kumar
 
The Fundamental of Secure Socket Layer (SSL)
The Fundamental of Secure Socket Layer (SSL)The Fundamental of Secure Socket Layer (SSL)
The Fundamental of Secure Socket Layer (SSL)Vishal Kumar
 
Internet security protocol
Internet security protocolInternet security protocol
Internet security protocolMousmi Pawar
 
Kerberos protocol
Kerberos protocolKerberos protocol
Kerberos protocolAjit Dadresa
 

Recommended

SSL TLS Protocol
SSL TLS ProtocolSSL TLS Protocol
SSL TLS ProtocolDevang Badrakiya
 
Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer SecurityHuda Seyam
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)Arun Shukla
 
Understanding transport-layer_security__ssl
Understanding transport-layer_security__sslUnderstanding transport-layer_security__ssl
Understanding transport-layer_security__sslMainak Goswami
 
Fundamental of Secure Socket Layer (SSl) | Part - 1
Fundamental of Secure Socket Layer (SSl) | Part - 1Fundamental of Secure Socket Layer (SSl) | Part - 1
Fundamental of Secure Socket Layer (SSl) | Part - 1Vishal Kumar
 
The Fundamental of Secure Socket Layer (SSL)
The Fundamental of Secure Socket Layer (SSL)The Fundamental of Secure Socket Layer (SSL)
The Fundamental of Secure Socket Layer (SSL)Vishal Kumar
 
Internet security protocol
Internet security protocolInternet security protocol
Internet security protocolMousmi Pawar
 
Kerberos protocol
Kerberos protocolKerberos protocol
Kerberos protocolAjit Dadresa
 
Configuring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdfConfiguring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdfdjameleddine2015
 
Computer security module 4
Computer security module 4Computer security module 4
Computer security module 4Deepak John
 
SSL And TLS
SSL And TLS SSL And TLS
SSL And TLS Ghanshyam Patel
 
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptWEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptSonukumarRawat
 
Web Security
Web SecurityWeb Security
Web SecurityRam Dutt Shukla
 
Describe- in your own words- the mechanism for establishing a HTTPS co.docx
Describe- in your own words- the mechanism for establishing a HTTPS co.docxDescribe- in your own words- the mechanism for establishing a HTTPS co.docx
Describe- in your own words- the mechanism for establishing a HTTPS co.docxearleanp
 
Kerberos Process.pdf
Kerberos Process.pdfKerberos Process.pdf
Kerberos Process.pdfYogeshwaran R
 
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level SecurityCRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level SecurityJyothishmathi Institute of Technology and Science Karimnagar
 
Unit 4.ppt
Unit 4.pptUnit 4.ppt
Unit 4.pptDHANABALSUBRAMANIAN
 
ch14.ppt
ch14.pptch14.ppt
ch14.pptSomuPatil8
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Samip jain
 
Kerberos case study
Kerberos case studyKerberos case study
Kerberos case studyMayuri Patil
 
SSL Secure Socket Layer
SSL Secure Socket LayerSSL Secure Socket Layer
SSL Secure Socket Layeromkar bhagat
 
BAIT1103 Chapter 4
BAIT1103 Chapter 4BAIT1103 Chapter 4
BAIT1103 Chapter 4limsh
 
SSL-image
SSL-imageSSL-image
SSL-imageRajat Toshniwal
 
Ch14
Ch14Ch14
Ch14Joe Christensen
 
Secure socket later
Secure socket laterSecure socket later
Secure socket laterMuhammad Ahmad Nazar
 
6. Kerberos.ppt
6. Kerberos.ppt6. Kerberos.ppt
6. Kerberos.pptMadhusatish1
 
Kerberos Protocol
Kerberos ProtocolKerberos Protocol
Kerberos ProtocolNetwax Lab
 
How does TLS work?
How does TLS work?How does TLS work?
How does TLS work?Hyeonsu Lee
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentInMediaRes1
 

More Related Content

Similar to TLS,OCSP.pptx

Configuring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdfConfiguring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdfdjameleddine2015
 
Computer security module 4
Computer security module 4Computer security module 4
Computer security module 4Deepak John
 
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptWEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptSonukumarRawat
 
Describe- in your own words- the mechanism for establishing a HTTPS co.docx
Describe- in your own words- the mechanism for establishing a HTTPS co.docxDescribe- in your own words- the mechanism for establishing a HTTPS co.docx
Describe- in your own words- the mechanism for establishing a HTTPS co.docxearleanp
 
Kerberos Process.pdf
Kerberos Process.pdfKerberos Process.pdf
Kerberos Process.pdfYogeshwaran R
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Samip jain
 
Kerberos case study
Kerberos case studyKerberos case study
Kerberos case studyMayuri Patil
 
SSL Secure Socket Layer
SSL Secure Socket LayerSSL Secure Socket Layer
SSL Secure Socket Layeromkar bhagat
 
BAIT1103 Chapter 4
BAIT1103 Chapter 4BAIT1103 Chapter 4
BAIT1103 Chapter 4limsh
 
Kerberos Protocol
Kerberos ProtocolKerberos Protocol
Kerberos ProtocolNetwax Lab
 
How does TLS work?
How does TLS work?How does TLS work?
How does TLS work?Hyeonsu Lee
 

Similar to TLS,OCSP.pptx (20)

Configuring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdfConfiguring Wired 802.1x Authentication on Windows Server 2012.pdf
Configuring Wired 802.1x Authentication on Windows Server 2012.pdf
 
Computer security module 4
Computer security module 4Computer security module 4
Computer security module 4
 
SSL And TLS
SSL And TLS SSL And TLS
SSL And TLS
 
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptWEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
 
Web Security
Web SecurityWeb Security
Web Security
 
Describe- in your own words- the mechanism for establishing a HTTPS co.docx
Describe- in your own words- the mechanism for establishing a HTTPS co.docxDescribe- in your own words- the mechanism for establishing a HTTPS co.docx
Describe- in your own words- the mechanism for establishing a HTTPS co.docx
 
Kerberos Process.pdf
Kerberos Process.pdfKerberos Process.pdf
Kerberos Process.pdf
 
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level SecurityCRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
 
Unit 4.ppt
Unit 4.pptUnit 4.ppt
Unit 4.ppt
 
ch14.ppt
ch14.pptch14.ppt
ch14.ppt
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)
 
Kerberos case study
Kerberos case studyKerberos case study
Kerberos case study
 
SSL Secure Socket Layer
SSL Secure Socket LayerSSL Secure Socket Layer
SSL Secure Socket Layer
 
BAIT1103 Chapter 4
BAIT1103 Chapter 4BAIT1103 Chapter 4
BAIT1103 Chapter 4
 
SSL-image
SSL-imageSSL-image
SSL-image
 
Ch14
Ch14Ch14
Ch14
 
Secure socket later
Secure socket laterSecure socket later
Secure socket later
 
6. Kerberos.ppt
6. Kerberos.ppt6. Kerberos.ppt
6. Kerberos.ppt
 
Kerberos Protocol
Kerberos ProtocolKerberos Protocol
Kerberos Protocol
 
How does TLS work?
How does TLS work?How does TLS work?
How does TLS work?
 

Recently uploaded

History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentInMediaRes1
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceSamikshaHamane
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitolTechU
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...M56BOOKSTORE PRODUCT/SERVICE
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 

Recently uploaded (20)

History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media Component
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptx
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 

TLS,OCSP.pptx

  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 8. Key Exchange ClientHello The TLS handshake begins with the client sending a ClientHello message to the server. This message contains the following fields: • Cipher_Suites • Extensions • Supported_Version • Status_request • Supported_groups • Key_share • Group • Key_exchange • Pre_Shared_key ServerHello The server responds to the client’s ClientHello message with a ServerHello message if it’s able to negotiate an acceptable set of handshake parameters. This message contains the following fields: • Cipher_suite • Extension • Supported_versions • Key_share • Pre_shared_key The server sends other extensions separately in the EncryptedExtensions message.
  • 9. Server Parameters After the server sends a ServerHello message to the client, it sends two messages to establish server parameters: EncryptedExtensions and CertificateRequest: • EncryptedExtensions: This message contains responses to ClientHello extensions that are not required to determine cryptographic parameters other than those that are specific to individual certificates. • CertificateRequest: If certificate-based client authentication is desired, then this message is sent. It contains parameters for a certificate requested from the client. It includes the following fields: • certificate_request_context • Extensions • signature_algorithms • signature_algorithms_cert • certificate_authorities • supported_groups
  • 10. Authentication Certificate • This message contains the authentication certificate and any other supporting certificates in the certificate chain. • The server must send this message if the key exchange method uses certificates for authentication. • The client must send this if and only if the server requested client authentication through a CertificateRequest message. The certificate message includes the following fields: • certificate_list • extensions: Extensions that the Certificate message may contain include the following: • status_request • signed_certificate_timestamp CertificateVerify • This message contains a signature over the entire handshake using the private key corresponding to the public key in the Certificate message. • It provides proof that the client or the server has the private key corresponding to its certificate. This message includes the following fields: • Algorithm • signature Finished • This message contains a Message Authentication Code (MAC) over the entire handshake. Once the client and server have verified the Finished messages that they have received from their peers, both sides may send and receive application data over the connection.
  • 11. Post-Handshake Messages The client and server can send other messages after the handshake: new session ticket message, post-handshake authentication, and key update. New Session Ticket Message • The NewSessionTicket message, sent by the server after it receives the Finished message, contains a pre- shared key that the client then may use for future handshakes. Post-Handshake Authentication • If client sent the post_handshake_auth extension, the server may request client authentication at any time after the handshake by sending a CertificateRequest message. If the client authenticates, then it must send Certificate, CertificateVerify, and Finished messages. If the client declines, then it must send a Certificate message that contains no certificates and the Finished message. KeyUpdate Message • The KeyUpdate handshake message is used to indicate that the sender is updating its sending cryptographic keys. It replaces the ChangeCipherSpec message in TLS 1.2. • You can specify a limit on the amount of data an algorithm may encrypt with a specific set of keys with the jdk.tls.keyLimits Security Property. See Limiting the amount of data that algorithms can encrypt with a set of keys.
  • 12. Session resumption with a pre-shared key TLS 1.3 handshake that establishes a PSK TLS 1.3 handshake that uses a PSK
  • 13. Online Certificate Status Protocol • OCSP is used to Determine x509 certificate revocation status during the Transport Layer Security(TLS) handshake. • Certificate Revocation List (CRL) • Client Driven OCSP • OCSP Stapling