Cisco Web Security Appliance S690 User Guide

Chapter 10: Decryption Policies (page 187)
SSL Handshake
3. Authenticate the identity of each side. Typically, only the server gets authenticated while 
the client remains unauthenticated. The client validates the server certificate. For more 
information about certificates and using them to authenticate servers, see “Digital 
Certificates” on page 188.
4. Generate temporary symmetric keys to encrypt the channel for this session. The client 
generates a session key (usually a random number), encrypts it with the server’s public 
key, and sends it to the server. The server decrypts the session key with its private key. Both 
sides compute a common master secret key that will be used for all future encryption and 
decryption until the connection closes.
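
The key exchange in step 4, as an added example that is not part of the Cisco guide. It assumes the TLS 1.2 RSA key exchange and PRF from RFC 5246, and uses an unpadded toy RSA key built from fixed primes so it runs on the standard library alone; all function names are illustrative.

```python
import hashlib
import hmac
import secrets

# Toy RSA key from two known Mersenne primes (constructed for this demo;
# textbook RSA without padding, never usable for real traffic).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # server's private exponent


def p_sha256(secret, seed, length):
    """P_hash expansion from RFC 5246 section 5, using HMAC-SHA256."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def master_secret(pre_master, client_random, server_random):
    """TLS 1.2 master secret: PRF(pre_master, "master secret", randoms)[:48]."""
    return p_sha256(pre_master, b"master secret" + client_random + server_random, 48)


def client_key_exchange(n, e):
    """Client: pick a 48-byte pre-master secret and encrypt it to the server."""
    pre_master = b"\x03\x03" + secrets.token_bytes(46)  # version bytes + 46 random
    return pre_master, pow(int.from_bytes(pre_master, "big"), e, n)


def server_decrypt(ciphertext):
    """Server: recover the pre-master secret with its private key."""
    return pow(ciphertext, D, N).to_bytes(48, "big")


def handshake():
    """Run both sides and return (client_master, server_master)."""
    client_random, server_random = secrets.token_bytes(32), secrets.token_bytes(32)
    pre_master, ciphertext = client_key_exchange(N, E)
    client_ms = master_secret(pre_master, client_random, server_random)
    server_ms = master_secret(server_decrypt(ciphertext), client_random, server_random)
    return client_ms, server_ms


if __name__ == "__main__":
    c, s = handshake()
    print("master secrets match:", c == s, c.hex())
```

In this exchange the pre-master secret is protected only by the server's long-term key pair, so the confidentiality of every recorded session depends on that private key staying secret.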