On Tue, 9 Aug 2022 at 08:50, Martin Thomson wrote:

> On Tue, Aug 9, 2022, at 16:36, Ben Smyth wrote:
> > On Mon, 8 Aug 2022 at 15:21, Töma Gavrichenkov wrote:
> >> "Upon receiving the server's messages, the client responds with its
> >> Authentication messages, namely Certificate and CertificateVerify (if
> >> requested), and Finished. At this point, the handshake is complete"
> >
> > I stumbled with this.
>
> That seems clear enough to me. At least from the client's perspective.
> Presumably the server has to receive the client's Finished to consider the
> handshake complete.
>

For me there was a eureka! moment, when I finally understood, suddenly everything fell into place. It could have been an easier journey; I don't know whether I can better explain.

There are handshake messages, there's handshaking, and there's handshake completion. Handshaking is an exchange of handshake messages. Handshake messages are also exchanged post handshake completion.

A handshake partially completes on sending/receiving a server's Finished message---a server can send application data thereafter---an authenticated channel from the server to a client is established. A handshake fully completes on sending/receiving the client's (first) Finished message, a channel (optionally, authenticated) from the client to the server is established. Post-handshake authentication adds a twist, further client Finished messages may be sent/received.

From the above, we see two points at which the handshake completes, and a further two points of partial completion.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls