An SSL session always begins with an exchange of messages
called the SSL handshake. The handshake allows
the server to authenticate itself to the client using public key
techniques, also called asymmetric encryption. It then allows the
client and the server to cooperate in the creation of symmetric
keys, which are used for rapid encryption, decryption, and tamper
detection during the session that follows. Optionally, the handshake
also allows the client to authenticate itself to the server.
This exchange of messages is designed to facilitate the following
actions:
- Authenticate the server to the client.
- Allow the client and server to select the cryptographic algorithms, or ciphers, that they both support.
- Optionally authenticate the client to the server.
- Use public key encryption techniques to generate shared secrets.
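
The actions listed above can be traced in a small model of the handshake. This is an added example, not code from the original page or from any SSL library. It assumes toy-sized parameters, Diffie-Hellman as the public key technique for the shared secret, an RSA key the client already trusts (RSA_N, RSA_E) standing in for the server certificate, and sample cipher names; optional client authentication is left out.

```python
import hashlib, hmac, secrets

# Toy parameters, constructed for illustration; far too small for real use.
P, G = 2**127 - 1, 3                      # Diffie-Hellman modulus and base
RSA_P, RSA_Q, RSA_E = 2**61 - 1, 2**89 - 1, 65537
RSA_N = RSA_P * RSA_Q                     # public key the client already trusts
RSA_D = pow(RSA_E, -1, (RSA_P - 1) * (RSA_Q - 1))   # server's private exponent
SERVER_PREFERENCE = ["AES256-SHA256", "AES128-SHA"]  # sample cipher names

def digest_int(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % RSA_N

def select_cipher(client_offer):
    """Pick the first server-preferred cipher that the client also offered."""
    for suite in SERVER_PREFERENCE:
        if suite in client_offer:
            return suite
    raise ValueError("handshake failure: no cipher in common")

def derive_keys(shared: int):
    """Turn the shared secret into separate encryption and MAC keys."""
    raw = shared.to_bytes(16, "big")
    return (hmac.new(raw, b"enc", "sha256").digest(),
            hmac.new(raw, b"mac", "sha256").digest())

def handshake(client_offer, tamper_server_key=False):
    # 1. Client hello: offered ciphers plus an ephemeral public value.
    c_priv = secrets.randbelow(P - 3) + 2
    c_pub = pow(G, c_priv, P)
    # 2. Server hello: chosen cipher, its public value, and a signature over
    #    both public values made with the server's private key.
    suite = select_cipher(client_offer)
    s_priv = secrets.randbelow(P - 3) + 2
    s_pub = pow(G, s_priv, P)
    signature = pow(digest_int(f"{suite}|{c_pub}|{s_pub}".encode()), RSA_D, RSA_N)
    received_pub = pow(G, 5, P) if tamper_server_key else s_pub  # altered in transit
    # 3. The client authenticates the server before using what it received.
    expected = digest_int(f"{suite}|{c_pub}|{received_pub}".encode())
    if pow(signature, RSA_E, RSA_N) != expected:
        raise ValueError("handshake failure: server authentication failed")
    # 4. Each side computes the shared secret independently and derives keys.
    client_keys = derive_keys(pow(received_pub, c_priv, P))
    server_keys = derive_keys(pow(c_pub, s_priv, P))
    return suite, client_keys, server_keys
```

Both sides end with identical encryption and MAC keys only when the server's signed values arrive unmodified; a changed value fails at step 3 before any key is derived.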