datatracker.ietf.org
Sign in
Version 5.7.1.p2, 2014-10-29
Report a bug

The TLS Protocol Version 1.0
RFC 2246

Document type: RFC - Proposed Standard (January 1999; Errata)
Obsoleted by RFC 4346
Document stream: IETF
Last updated: 2013-03-02
Other versions: plain text, pdf, html

IETF State: (None)
Document shepherd: No shepherd assigned

IESG State: RFC 2246 (Proposed Standard)
Responsible AD: (None)
Send notices to: No addresses provided

Network Working Group                                         T. Dierks
Request for Comments: 2246                                     Certicom
Category: Standards Track                                      C. Allen
                                                               Certicom
                                                           January 1999

                            The TLS Protocol
                              Version 1.0

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1999).  All Rights Reserved.

Abstract

   This document specifies Version 1.0 of the Transport Layer Security
   (TLS) protocol. The TLS protocol provides communications privacy over
   the Internet. The protocol allows client/server applications to
   communicate in a way that is designed to prevent eavesdropping,
   tampering, or message forgery.

Table of Contents

   1.       Introduction                                              3
   2.       Goals                                                     4
   3.       Goals of this document                                    5
   4.       Presentation language                                     5
   4.1.     Basic block size                                          6
   4.2.     Miscellaneous                                             6
   4.3.     Vectors                                                   6
   4.4.     Numbers                                                   7
   4.5.     Enumerateds                                               7
   4.6.     Constructed types                                         8
   4.6.1.   Variants                                                  9
   4.7.     Cryptographic attributes                                 10
   4.8.     Constants                                                11
   5.       HMAC and the pseudorandom function                       11
   6.       The TLS Record Protocol                                  13
   6.1.     Connection states                                        14

Dierks & Allen              Standards Track                     [Page 1]
RFC 2246              The TLS Protocol Version 1.0          January 1999

   6.2.     Record layer                                             16
   6.2.1.   Fragmentation                                            16
   6.2.2.   Record compression and decompression                     17
   6.2.3.   Record payload protection                                18
   6.2.3.1. Null or standard stream cipher                           19
   6.2.3.2. CBC block cipher                                         19
   6.3.     Key calculation                                          21
   6.3.1.   Export key generation example                            22
   7.       The TLS Handshake Protocol                               23
   7.1.     Change cipher spec protocol                              24
   7.2.     Alert protocol                                           24
   7.2.1.   Closure alerts                                           25
   7.2.2.   Error alerts                                             26
   7.3.     Handshake Protocol overview                              29
   7.4.     Handshake protocol                                       32
   7.4.1.   Hello messages                                           33
   7.4.1.1. Hello request                                            33
   7.4.1.2. Client hello                                             34
   7.4.1.3. Server hello                                             36
   7.4.2.   Server certificate                                       37
   7.4.3.   Server key exchange message                              39
   7.4.4.   Certificate request                                      41
   7.4.5.   Server hello done                                        42
   7.4.6.   Client certificate                                       43
   7.4.7.   Client key exchange message                              43
   7.4.7.1. RSA encrypted premaster secret message                   44
   7.4.7.2. Client Diffie-Hellman public value                       45
   7.4.8.   Certificate verify                                       45
   7.4.9.   Finished                                                 46
   8.       Cryptographic computations                               47
   8.1.     Computing the master secret                              47
   8.1.1.   RSA                                                      48

[include full document text]