Overview#The RSA key-exchange method of Key-Exchange consists of three messages.
First the ServerKeyExchange where the server sends to the client an RSA public key, K_T, to which the server holds the private key. This may be a transient key generated solely for this connection, or it may be re-used for several connections.
Second ClientKeyExchange where the client generates a string of random bytes, K, encrypts it using K_T, and sends the result back to the server, which decrypts it.
Then both the client and server each hash K, K_T, and the various Key-Exchange parameters to generate the exchange hash, H, which is used to generate the encryption keys for the session, and the server signs H with its host key and sends the signature to the client.
Then the client then verifies the host key.