This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
HelloRetryRequest
HelloRetryRequest

Version management

Difference between version and

At line 1 added 27 lines
!!! Overview
[{$pagename}] or Hello Retry Request is a [TLS 1.3] message sent by the [server] will send this message in response to a [ClientHello] message if it is able to find an acceptable set of parameters but the [ClientHello] does __not__ contain sufficient information to proceed with the [TLS Handshake].
Structure of this message:
%%prettify
{{{
struct {
ProtocolVersion server_version;
CipherSuite cipher_suite;
Extension extensions<2..2^16-1>;
} HelloRetryRequest;
}}} /%
The version, [cipher_suite], and [extensions|TLS extension] fields have the same meanings as their corresponding values in the [ServerHello]. The server [SHOULD] send only the [extensions|TLS extension] necessary for the [client] to
generate a correct [ClientHello] pair. As with [ServerHello], a [{$pagename}] [MUST NOT] contain any extensions that were not first offered by the [client] in its [ClientHello], with the exception of optionally the "cookie" (see Section 4.2.2) extension.
Upon receipt of a [{$pagename}], the [client] [MUST] verify that the extensions block is not empty and otherwise [MUST] abort the [TLS Handshake] with a "[decode_error]" alert. [Clients] [MUST] abort the [TLS Handshake] with an "[illegal_parameter]" alert if the [{$pagename}] would not result in any change in the [ClientHello]. If a [client] receives a second [{$pagename}] in the same connection (i.e., where the [ClientHello] was itself in response to a [{$pagename}]), it [MUST] abort the handshake with an "[unexpected_message]" alert.
Otherwise, the client [MUST] process all [extensions|TLS extension] in the [{$pagename}] and send a second updated [ClientHello]. The [{$pagename}] extensions defined in this specification are:
* cookie (see Section 4.2.2)
* key_share (see Section 4.2.7)
In addition, in its updated [ClientHello], the client [SHOULD NOT] offer any pre-shared keys associated with a hash other than that of the selected cipher suite. This allows the client to avoid having to compute partial hash transcripts for multiple hashes in the second [ClientHello]. A [client] which receives a cipher suite that was not offered [MUST] abort the handshake. Servers MUST ensure that they negotiate the same cipher suite when receiving a conformant updated [ClientHello] (if the server selects the cipher suite as the first step in the negotiation, then this will happen automatically). Upon receiving the [ServerHello], clients [MUST] check that the cipher suite supplied in the [ServerHello] is the same as that in the [{$pagename}] and otherwise abort the handshake with an "[illegal_parameter]" [TLS Alert Messages].
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop