08-19-07 12:20 AM
I'm trying to learn and understand how TLS works as a layer underneath
other protocols, such as HTTP. I've read most of the RFC on TLS, so I
get the basic idea. However, my first actual experiment with TLS
doesn't seem to produce the expected results.
It is my understanding that an HTTP over TLS connection begins with
the client sending a block of data encapsulated in a TLS "record
protocol", which is outlined in the RFC. The initial communication
from the client to the server is a handshake protocol, encapsulated in
a record protocol. According to the documentation, the handshake
should begin with an 8-bit "Content-Type" id with a value of 22, to
indicate the handshake protocol.
So, I set up a simple server listening on port 443, and sent a request
to it through a web browser. My server is programmed to simply
provide a hex dump of the first 100 bytes of data it receives from the
client. Naturally, I expected the hex dump to begin with 16 (22 in
decimal) to indicate a handshake. Instead, I get:
80 3D 01 03 00 00 00 00 C0 F9 4B 74 91 2B 00 00 6C 6F 6F 5F 73 72 63
2F 31 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 08 00 00 00 00 00
00 00 00 00 00 00 72 2E 68 74 2F 61 64 2F 64 61 74 61 00 20 6E 6F 74
5F 66 6F 31 00 00 00 00 00 00 00 00 FA 4B 74 91 2B 00 00 10 FA 4B 74
91 2B 00 00 72 72 2E 68
I can't make any sense out of this. I thought that there might be
some additional protocol or communication which happens before the TLS
handshake, but if so I can't find any mention of it or documentation
of it.
So, what is the client sending me here? Is there some protocol which
must take place before the TLS handshake?
[ Post a follow-up to this message ]
| 
