refactoring crypto handshakes (SSL in 3 easy steps)

James A. Donald jamesd at
Tue Nov 13 20:29:14 EST 2007

Pasi.Eronen at wrote:
 > The "extra messages" might be irrelevant for
 > cryptography, but they're not irrelevant for security
 > or functionality.
 > E.g. in SSL, you have capability/feature negotiation
 > (cipher suites, trusted CAs, in TLS 1.2 also signature
 > algorithms, etc.)

You can handle this by the client making a guess, perhaps
based on past experience, as to whether its initial
request for preferred protocol is likely to be accepted,
and if it thinks it probably will be, going ahead on the
assumption it will be, rather than waiting for the round
trips to complete.
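
A small model of the guessing strategy described in this message, added here as an illustration and not part of the original post. The suite names, the `Server` and `Client` classes and the "retry" reply are constructed assumptions, not SSL/TLS wire messages.

```python
from dataclasses import dataclass, field


@dataclass
class Server:
    supported: list  # server's preference order (constructed suite names)

    def handle(self, offered, guess):
        """Take one client flight, return one server flight."""
        if guess in self.supported:
            # Guess accepted: key material sent for it is usable immediately.
            return {"type": "accept", "suite": guess}
        # Guess rejected: fall back to ordinary negotiation over the full offer.
        for suite in self.supported:
            if suite in offered:
                return {"type": "retry", "suite": suite}
        return {"type": "fail", "suite": None}


@dataclass
class Client:
    offered: list
    cache: dict = field(default_factory=dict)  # server name -> last accepted suite

    def connect(self, name, server):
        """Return (suite, round_trips) needed before application data can flow."""
        # Guess from past experience, else the client's first preference.
        guess = self.cache.get(name, self.offered[0])
        reply = server.handle(self.offered, guess)
        round_trips = 1
        if reply["type"] == "retry":
            # Never follow the server to a suite that was not in our own offer.
            if reply["suite"] not in self.offered:
                raise ValueError("server chose a suite the client never offered")
            # A wrong guess costs exactly one extra round trip.
            reply = server.handle(self.offered, reply["suite"])
            round_trips += 1
        if reply["type"] != "accept":
            raise ConnectionError("no common suite")
        self.cache[name] = reply["suite"]  # remember for the next connection
        return reply["suite"], round_trips


if __name__ == "__main__":
    client = Client(offered=["suite-A", "suite-B"])
    server = Server(supported=["suite-B"])
    print(client.connect("example.test", server))  # first contact, wrong guess
    print(client.connect("example.test", server))  # cached guess is accepted
```
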

