> From: owner-openssl-us...@openssl.org On Behalf Of Erik Norgaard
> Sent: Friday, 21 August, 2009 04:22
> I have been asked to study the possibility of using for
> authentication without encryption, ie using TLS_RSA_WITH_NULL_SHA.
>
> Reading the RFC5246, it appears that the server
> authentic
Hello Erik,
The authentication occurs during the initial setup of TLS session
(handshake phase). If the peer (or peers in case of mutual authentication) is
authenticated then both sides agree in a common secrets for the session as part
handshake phase. The messages sent in the authentica
