You are currently viewing a snapshot of taken on April 21, 2008. Most of this content is highly out of date (some pages haven't been updated since the project began in 1998) and exists for historical purposes only. If there are any pages on this archive site that you think should be added back to, please file a bug.

SSL 3.0 Connection Walkthrough

Main technical contact: Nelson Bolyard


The following documents have been prepared to help developers understand the behavior of SSL. Each document contains detailed traces of two SSL connections, one established "from scratch", and one using the "session restart" feature.

Each document includes all the plaintext and ciphertext, all keys and IVs, all the inputs and outputs, and many intermediate values of hashes and MACs computed, and of public and private key operations (i.e. encryption, decryption, signing, and verifying). The operations are shown exactly in the order performed.

Developers may use these documents to verify correct sequences of operations.

  • Export client and server, using the SSL_RSA_EXPORT_WITH_RC4_40_MD5 cipher suite, and no client authentication.
  • Domestic (US & Canada) client and server, using the SSL_RSA_WITH_RC4_128_MD5 cipher suite, and client authentication.

Please direct all questions, suggestions, and comments concerning these traces to Nelson Bolyard.

All general questions about SSL (that do not directly relate to these trace files) should be discussed in the newsgroup

General discussion of Mozilla crypto issues should be discussed in the newsgroup, or in Mozilla's dev-tech-crypto mailing list. For more information about that list, see

$Id: index.html,v 1.3 2008/02/25 20:14:02 Exp $