Core

Acc.

Dev

Domain

Journal

Pad

Remote

Run

Session

Site

Tool
Help
A B C D E F G
H I J K L M N
O P Q R S T U
V W X Y Z
Help

Overview

Why?
● ● ●

Branch

Coin

Core

Dev

Download

File

Kind

Map

Message

Net

Packet

Primitives

Session

Site

Socket

The Tree

Helm

MIME

Portfolio Help

Secure
Primitives

Belt

Bond

Branch

Build

Fact

File

Glob

ID

Image

Leaf

Log

Markup

Money

Object

Parse

Phrase

Render

String

Sum

SVG

Time

Tray

Verb
ShofarNexus/1990-08-05
ClientHello {1}

RFC 5246 ● 7.4.1.2 ● When this message will be sent

When a client first connects to a server, it is required to send the ClientHello as its first message. The client can also send a ClientHello in response to a HelloRequest or on its own initiative in order to renegotiate the security parameters in an existing connection.

Structure of this message

The ClientHello message includes a random structure, which is used later in the protocol.

gmt_unix_time

The current time and date in standard UNIX 32-bit format (seconds since the midnight starting Jan 1, 1970, UTC, ignoring leap seconds) according to the sender's internal clock. Clocks are not required to be set correctly by the basic TLS protocol; higher-level or application protocols may define additional requirements. Note that, for historical reasons, the data element is named using GMT, the predecessor of the current worldwide time base, UTC.

random_bytes

28 bytes generated by a secure random number generator.

The ClientHello message includes a variable-length session identifier. If not empty, the value identifies a session between the same client and server whose security parameters the client wishes to reuse. The session identifier MAY be from an earlier connection, this connection, or from another currently active connection. The second option is useful if the client only wishes to update the random structures and derived values of a connection, and the third option makes it possible to establish several independent secure connections without repeating the full handshake protocol. These independent connections may occur sequentially or simultaneously; a SessionID becomes valid when the handshake negotiating it completes with the exchange of Finished messages and persists until it is removed due to aging or because a fatal error was encountered on a connection associated with the session. The actual contents of the SessionID are defined by the server.

opaque SessionID<0..32>

Warning: Because the SessionID is transmitted without encryption or immediate MAC protection, servers MUST NOT place confidential information in session identifiers or let the contents of fake session identifiers cause any breach of security. (Note that the content of the handshake as a whole, including the SessionID, is protected by the Finished messages exchanged at the end of the handshake.)

The cipher suite list, passed from the client to the server in the ClientHello message, contains the combinations of cryptographic algorithms supported by the client in order of the client's preference (favorite choice first). Each cipher suite defines a key exchange algorithm, a bulk encryption algorithm (including secret key length), a MAC algorithm, and a PRF. The server will select a cipher suite or, if no acceptable choices are presented, return a handshake failure alert and close the connection. If the list contains cipher suites the server does not recognize, support, or wish to use, the server MUST ignore those cipher suites, and process the remaining ones as usual.

uint8 CipherSuite[2]; /* Cryptographic suite selector */

The ClientHello includes a list of compression algorithms supported by the client, ordered according to the client's preference.

TLS allows extensions to follow the compression_methods field in an extensions block. The presence of extensions can be detected by determining whether there are bytes following the compression_methods at the end of the ClientHello. Note that this method of detecting optional data differs from the normal TLS method of having a variable-length field, but it is used for compatibility with TLS before extensions were defined.

client_version

The version of the TLS protocol by which the client wishes to communicate during this session. This SHOULD be the latest (highest valued) version supported by the client. For this version of the specification, the version will be 3.3 (see Appendix E for details about backward compatibility).

random

A client-generated random structure.

session_id

The ID of a session the client wishes to use for this connection.

This field is empty if no session_id is available, or if the client wishes to generate new security parameters.

cipher_suites

This is a list of the cryptographic options supported by the client, with the client's first preference first. If the session_id field is not empty (implying a session resumption request), this vector MUST include at least the cipher_suite from that session. Values are defined in Appendix A.5.

compression_methods

This is a list of the compression methods supported by the client, sorted by client preference. If the session_id field is not empty (implying a session resumption request), it MUST include the compression_method from that session. This vector MUST contain, and all implementations MUST support, CompressionMethod.null. Thus, a client and server will always be able to agree on a compression method.

extensions

Clients MAY request extended functionality from servers by sending data in the extensions field. The actual "Extension" format is defined in Section 7.4.1.4.

In the event that a client requests additional functionality using extensions, and this functionality is not supplied by the server, the client MAY abort the handshake. A server MUST accept ClientHello messages both with and without the extensions field, and (as for all other messages) it MUST check that the amount of data in the message precisely matches one of these formats; if not, then it MUST send a fatal "decode_error" alert.

After sending the ClientHello message, the client waits for a ServerHello message. Any handshake message returned by the server, except for a HelloRequest, is treated as a fatal error.
The Kozlowski Family ● An Attempt at RestorationFamily.Kozlowski
Help Library

Core

Dev

Kind

Kit

Leaf

Map

Message

Net

Overview

Packet

Primitives

Run

Secure

Session

Site

Socket

Sprint

Stack

Tool

The Tree
Network Help

App

Internet

Hit

Kit

Link

Packet

Session

Socket

Net Tool

Transport
Transport Layer Help

QUIC

SCTP

TCP

TLS

UDP
TLS ● Transport Layer Security

Net_TLS Object

Alert {21}

CipherSuite

Extension

Handshake {22}

Session

Stream

TLS Tool
TLS ● Transport Layer Security
Alert {21}
Handshake {22}
ClientHello {1}
ServerHello {2}
Extension
server_name supported_groups (renamed from "elliptic_curves") ec_point_formats
signature_algorithms heartbeat session_ticket (renamed from "SessionTicket TLS")