> Dear SSL Users, > > I am looking at the debug output of the s_client command, trying > to compare the > binary data with structures described in rfc 5246... Everything > is more or less > clear, but, I can not figure out where three bytes in front of > each structure > come from... > > Each data transmission (client -> server and server -> client) > starts with: > > 16 03 01
See section 6.2.3. > (later we see 14, and 17 instead of 16), followed by the length, 0x14 = 20 change cipher spec 0x16 = 22 handshake 0x17 = 23 application data See section A.1. > which is the part > of rfc 5246 structures... But, can somebody tell me what is this > "16"? 03 01 > could be the version number, which is duplicated inside of > structures, but why > are these bytes there, while I don't see any references to it in > the rfc 5146? You're looking in the wrong place(s), I guess. Other protocols, such as the handhshake protocol, are layered on top of the TLS record protocol (see, for example, 7.3). DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
