SSL protocol stack
The SSL protocol stack includes the following protocols:
SSL record protocol at the lower layer.
SSL handshake protocol, SSL change cipher spec protocol, and SSL alert protocol at the upper layer.
Figure 106: SSL protocol stack
SSL record protocol—Fragments the data to be transmitted, computes a MAC and adds it to the data, and encrypts the data before transmitting it to the peer.
SSL handshake protocol—Negotiates the cipher suite used for secure communication, authenticates the server and client, and exchanges the keys between the server and client. The cipher suite that needs to be negotiated includes the symmetric encryption algorithm, key exchange algorithm, and MAC algorithm.
SSL change cipher spec protocol—Notifies the receiver that subsequent packets are to be protected and transmitted based on the negotiated cipher suite and key.
SSL alert protocol—Enables the SSL client and server to send alert messages to each other. An alert message contains the alert severity level and a description.
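The layering described above can be seen on the wire: each record starts with a 5-byte header whose first byte names the upper-layer protocol it carries. The following parser is an added example, not code from the original document; the function names and the sample byte strings are constructed for illustration, and the alert description table is a subset.

```python
import struct

# Record-layer content types: one per upper-layer protocol, plus application data.
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {0: "close_notify", 10: "unexpected_message",
                      20: "bad_record_mac", 40: "handshake_failure",
                      42: "bad_certificate"}  # subset only

def parse_records(data):
    """Split a byte stream into records and label the protocol each one carries."""
    records, offset = [], 0
    while offset < len(data):
        if len(data) - offset < 5:
            raise ValueError("truncated record header")
        # Header: content type (1 byte), version major/minor (2), length (2).
        ctype, major, minor, length = struct.unpack_from("!BBBH", data, offset)
        payload = data[offset + 5 : offset + 5 + length]
        if len(payload) != length:
            raise ValueError("truncated record payload")
        rec = {"protocol": CONTENT_TYPES.get(ctype, f"unknown({ctype})"),
               "version": (major, minor), "length": length}
        # A plaintext alert is exactly two bytes: severity level, description.
        # Alerts sent after change cipher spec are encrypted and longer, so
        # they are left undecoded here.
        if ctype == 21 and length == 2:
            level, desc = payload
            rec["level"] = ALERT_LEVELS.get(level, f"unknown({level})")
            rec["description"] = ALERT_DESCRIPTIONS.get(desc, f"unknown({desc})")
        records.append(rec)
        offset += 5 + length
    return records

def build_record(ctype, payload, version=(3, 0)):
    """Hypothetical helper that builds a record for the constructed samples."""
    return struct.pack("!BBBH", ctype, *version, len(payload)) + payload

# Constructed sample 1: a handshake record with a stub message body,
# followed by a change cipher spec record (its payload is the single byte 0x01).
SAMPLE_NEGOTIATION = (build_record(22, b"\x10\x00\x00\x02\xaa\xbb")
                      + build_record(20, b"\x01"))
# Constructed sample 2: a plaintext fatal alert, handshake_failure.
SAMPLE_FAILURE = build_record(21, bytes([2, 40]))

if __name__ == "__main__":
    for rec in parse_records(SAMPLE_NEGOTIATION) + parse_records(SAMPLE_FAILURE):
        print(rec)
```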