RFC 3749 Implementation Report S. Hollenbeck VeriSign, Inc. December 21, 2004 Implementation Report: Transport Layer Security Protocol Compression Methods (RFC 3749) 1. Introduction This report describes the results of interoperability testing between two independently-developed implementations of the Transport Layer Security (TLS) compression method described in RFC 3749 [1]. This method, which uses the DEFLATE algorithm described in RFC 1951 [2], has been implemented in versions 1.0.16 and 1.1.23 of GnuTLS and version 0.9.8-dev of OpenSSL. GnuTLS 1.0.16 is stable and shipping with Debian GNU/Linux. GnuTLS 1.1.23 and OpenSSL 0.9.8-dev are development versions that have not yet been released for widespread use at the time of this writing. A description of GnuTLS can be found on the world wide web at . A description of OpenSSL can be found on the world wide web at . 2. Implementation Requirements Section 2 of RFC 3749 describes the compression method identifier associated with the DEFLATE compression method. The value for this identifier, 1 (one), is advertised by the server and selected by the client as part of the TLS Handshake Protocol. The algorithm associated with the selected method is then applied as part of the TLS Record Protocol. A conforming implementation is thus required to meet these requirements for interoperability: o Advertise and negotiate the compression method. o Properly apply the compression method. Implementations of GnuTLS and OpenSSL have demonstrated interoperability confirmed by log data provided in Section 3 and Section 4. 3. GnuTLS Logs This log describes a TLS session between a GnuTLS client and an OpenSSL server. The client uses GnuTLS version 1.0.16 as shipped Hollenbeck [Page 1] RFC 3749 Implementation Report December 2004 with Debian GNU/Linux. The server uses OpenSSL version 0.9.8-dev, the unreleased development version current as of 14 December 2004. ******************** BEGIN LOG ******************** jas@latte:~$ echo 'GET /'|/usr/bin/gnutls-cli -p 5678 www.openssl.org -d 4711 Resolving 'www.openssl.org'... Connecting to '195.27.176.155:5678'... |<2>| ASSERT: gnutls_cert.c:255 |<3>| HSK[80708e8]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_RMD |<3>| HSK[80708e8]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_RMD |<3>| HSK[80708e8]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_RMD |<3>| HSK[80708e8]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_RMD |<3>| HSK[80708e8]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_RMD |<3>| HSK[80708e8]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_RMD |<3>| HSK[80708e8]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: RSA_AES_256_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: RSA_AES_256_CBC_RMD |<3>| HSK[80708e8]: Keeping ciphersuite: RSA_AES_128_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: RSA_AES_128_CBC_RMD |<3>| HSK[80708e8]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: RSA_3DES_EDE_CBC_RMD |<3>| HSK[80708e8]: Keeping ciphersuite: RSA_ARCFOUR_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: RSA_ARCFOUR_MD5 |<3>| HSK[80708e8]: Keeping ciphersuite: SRP_SHA_RSA_AES_256_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: SRP_SHA_RSA_AES_128_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: SRP_SHA_RSA_3DES_EDE_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: SRP_SHA_DSS_AES_256_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: SRP_SHA_DSS_AES_128_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: SRP_SHA_DSS_3DES_EDE_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: SRP_SHA_AES_256_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: SRP_SHA_AES_128_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: SRP_SHA_3DES_EDE_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: RSA_EXPORT_ARCFOUR_40_MD5 |<3>| HSK[80708e8]: Keeping ciphersuite: ANON_DH_AES_256_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: ANON_DH_AES_128_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: ANON_DH_3DES_EDE_CBC_SHA |<3>| HSK[80708e8]: Keeping ciphersuite: ANON_DH_ARCFOUR_MD5 |<2>| EXT[80708e8]: Sending extension CERT_TYPE |<2>| EXT[80708e8]: Sending extension SERVER_NAME |<3>| HSK[80708e8]: CLIENT HELLO was send [147 bytes] |<6>| BUF[HSK]: Peeked 0 bytes of Data Hollenbeck [Page 2] RFC 3749 Implementation Report December 2004 |<6>| BUF[HSK]: Emptied buffer |<4>| REC[80708e8]: Sending Packet[0] Handshake(22) with length: 147 |<7>| WRITE: Will write 152 bytes to 5. |<7>| WRITE: wrote 152 bytes to 5. Left 0 bytes. Total 152 bytes. |<7>| 0000 - 16 03 02 00 93 01 00 00 8f 03 02 41 bf 23 b1 87 |<7>| 0001 - 3c a5 16 cc c9 41 42 19 14 d6 30 f6 06 8d 1e b0 |<7>| 0002 - 14 00 b7 55 57 a2 15 28 d2 b2 4e 00 00 46 00 39 |<7>| 0003 - 00 79 00 33 00 78 00 16 00 77 00 38 00 73 00 32 |<7>| 0004 - 00 74 00 13 00 72 00 66 00 35 00 7e 00 2f 00 7d |<7>| 0005 - 00 0a 00 7c 00 05 00 04 00 57 00 54 00 51 00 58 |<7>| 0006 - 00 55 00 52 00 56 00 53 00 50 00 03 00 3a 00 34 |<7>| 0007 - 00 1b 00 18 02 01 00 00 1f 00 07 00 03 02 00 01 |<7>| 0008 - 00 00 00 14 00 12 00 00 0f 77 77 77 2e 6f 70 65 |<7>| 0009 - 6e 73 73 6c 2e 6f 72 67 |<4>| REC[80708e8]: Sent Packet[1] Handshake(22) with length: 152 |<7>| READ: Got 5 bytes from 5 |<7>| READ: read 5 bytes from 5 |<7>| 0000 - 16 03 01 00 4a |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. |<7>| RB: Requested 5 bytes |<4>| REC[80708e8]: Expected Packet[0] Handshake(22) with length: 1 |<4>| REC[80708e8]: Received Packet[0] Handshake(22) with length: 74 |<7>| READ: Got 74 bytes from 5 |<7>| READ: read 74 bytes from 5 |<7>| 0000 - 02 00 00 46 03 01 41 bf 23 be 62 96 2c db c6 98 |<7>| 0001 - a4 c6 c6 68 28 60 8d 44 42 3d de fd f2 ae 73 a4 |<7>| 0002 - 25 25 55 a3 93 40 20 47 e4 a6 0f cb bb 89 26 8c |<7>| 0003 - d0 aa d3 b9 15 f0 e2 c5 3b 73 25 54 3c 5c 3a 93 |<7>| 0004 - d0 5d 0a 7c 77 05 23 00 39 01 |<7>| RB: Have 5 bytes into buffer. Adding 74 bytes. |<7>| RB: Requested 79 bytes |<4>| REC[80708e8]: Decrypted Packet[0] Handshake(22) with length: 74 |<6>| BUF[HSK]: Inserted 74 bytes of Data(22) |<6>| BUF[REC][HD]: Read 1 bytes of Data(22) |<6>| BUF[REC][HD]: Read 3 bytes of Data(22) |<3>| HSK[80708e8]: SERVER HELLO was received [74 bytes] |<6>| BUF[REC][HD]: Read 70 bytes of Data(22) |<6>| BUF[HSK]: Peeked 0 bytes of Data |<6>| BUF[HSK]: Emptied buffer |<6>| BUF[HSK]: Inserted 4 bytes of Data |<6>| BUF[HSK]: Inserted 70 bytes of Data |<3>| HSK[80708e8]: Server's version: 3.1 |<3>| HSK[80708e8]: SessionID length: 32 |<3>| HSK[80708e8]: SessionID: 47e4a60fcbbb89268cd0aad3b915f0e2c53b7325543c5c3a93d05d0a7c770523 |<3>| HSK[80708e8]: Selected cipher suite: DHE_RSA_AES_256_CBC_SHA |<2>| ASSERT: gnutls_extensions.c:121 |<7>| READ: Got 5 bytes from 5 |<7>| READ: read 5 bytes from 5 Hollenbeck [Page 3] RFC 3749 Implementation Report December 2004 |<7>| 0000 - 16 03 01 01 f7 |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. |<7>| RB: Requested 5 bytes |<4>| REC[80708e8]: Expected Packet[1] Handshake(22) with length: 1 |<4>| REC[80708e8]: Received Packet[1] Handshake(22) with length: 503 |<7>| READ: Got 503 bytes from 5 |<7>| READ: read 503 bytes from 5 |<7>| 0000 - 0b 00 01 f3 00 01 f0 00 01 ed 30 82 01 e9 30 82 |<7>| 0001 - 01 52 02 01 06 30 0d 06 09 2a 86 48 86 f7 0d 01 |<7>| 0002 - 01 04 05 00 30 5b 31 0b 30 09 06 03 55 04 06 13 |<7>| 0003 - 02 41 55 31 13 30 11 06 03 55 04 08 13 0a 51 75 |<7>| 0004 - 65 65 6e 73 6c 61 6e 64 31 1a 30 18 06 03 55 04 |<7>| 0005 - 0a 13 11 43 72 79 70 74 53 6f 66 74 20 50 74 79 |<7>| 0006 - 20 4c 74 64 31 1b 30 19 06 03 55 04 03 13 12 54 |<7>| 0007 - 65 73 74 20 43 41 20 28 31 30 32 34 20 62 69 74 |<7>| 0008 - 29 30 1e 17 0d 30 30 31 30 31 36 32 32 33 31 30 |<7>| 0009 - 33 5a 17 0d 30 33 30 31 31 34 32 32 33 31 30 33 |<7>| 000a - 5a 30 63 31 0b 30 09 06 03 55 04 06 13 02 41 55 |<7>| 000b - 31 13 30 11 06 03 55 04 08 13 0a 51 75 65 65 6e |<7>| 000c - 73 6c 61 6e 64 31 1a 30 18 06 03 55 04 0a 13 11 |<7>| 000d - 43 72 79 70 74 53 6f 66 74 20 50 74 79 20 4c 74 |<7>| 000e - 64 31 23 30 21 06 03 55 04 03 13 1a 53 65 72 76 |<7>| 000f - 65 72 20 74 65 73 74 20 63 65 72 74 20 28 35 31 |<7>| 0010 - 32 20 62 69 74 29 30 5c 30 0d 06 09 2a 86 48 86 |<7>| 0011 - f7 0d 01 01 01 05 00 03 4b 00 30 48 02 41 00 9f |<7>| 0012 - b3 c3 84 27 95 ff 12 31 52 0f 15 ef 46 11 c4 ad |<7>| 0013 - 80 e6 36 5b 0f dd 80 d7 61 8d e0 fc 72 45 09 34 |<7>| 0014 - fe 55 66 45 43 4c 68 97 6a fe a8 a0 a5 df 5f 78 |<7>| 0015 - ff ee d7 64 b8 3f 04 cb 6f ff 2a fe fe b9 ed 02 |<7>| 0016 - 03 01 00 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |<7>| 0017 - 04 05 00 03 81 81 00 93 d2 0a c5 41 e6 5a a9 86 |<7>| 0018 - f9 11 87 e4 db 45 e2 c5 95 78 1a 6c 80 6d 73 1f |<7>| 0019 - b4 6d 44 a3 ba 86 88 c8 58 cd 1c 06 35 6c 44 62 |<7>| 001a - 88 df e4 f6 64 61 95 ef 4a a6 7f 65 71 d7 6b 88 |<7>| 001b - 39 f6 32 bf ac 93 67 69 51 8c 93 ec 48 5f c9 b1 |<7>| 001c - 42 f9 55 d2 7e 4e f4 f2 21 6b 90 57 e6 d7 99 9e |<7>| 001d - 41 ca 80 bf 1a 28 a2 ca 5b 50 4a ed 84 e7 82 c7 |<7>| 001e - d2 cf 36 9e 6a 67 b9 88 a7 f3 8a d0 04 f8 e8 c6 |<7>| 001f - 17 e3 c5 29 bc 17 f1 |<7>| RB: Have 5 bytes into buffer. Adding 503 bytes. |<7>| RB: Requested 508 bytes |<4>| REC[80708e8]: Decrypted Packet[1] Handshake(22) with length: 503 |<6>| BUF[HSK]: Inserted 503 bytes of Data(22) |<6>| BUF[REC][HD]: Read 1 bytes of Data(22) |<6>| BUF[REC][HD]: Read 3 bytes of Data(22) |<3>| HSK[80708e8]: CERTIFICATE was received [503 bytes] |<6>| BUF[REC][HD]: Read 499 bytes of Data(22) |<6>| BUF[HSK]: Peeked 74 bytes of Data Hollenbeck [Page 4] RFC 3749 Implementation Report December 2004 |<6>| BUF[HSK]: Emptied buffer |<6>| BUF[HSK]: Inserted 4 bytes of Data |<6>| BUF[HSK]: Inserted 499 bytes of Data |<7>| READ: Got 5 bytes from 5 |<7>| READ: read 5 bytes from 5 |<7>| 0000 - 16 03 01 00 cd |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. |<7>| RB: Requested 5 bytes |<4>| REC[80708e8]: Expected Packet[2] Handshake(22) with length: 1 |<4>| REC[80708e8]: Received Packet[2] Handshake(22) with length: 205 |<7>| READ: Got 205 bytes from 5 |<7>| READ: read 205 bytes from 5 |<7>| 0000 - 0c 00 00 c9 00 40 da 58 3c 16 d9 85 22 89 d0 e4 |<7>| 0001 - af 75 6f 4c ca 92 dd 4b e5 33 b8 04 fb 0f ed 94 |<7>| 0002 - ef 9c 8a 44 03 ed 57 46 50 d3 69 99 db 29 d7 76 |<7>| 0003 - 27 6b a2 d3 d4 12 e2 18 f4 dd 1e 08 4c f6 d8 00 |<7>| 0004 - 3e 7c 47 74 e8 33 00 01 02 00 40 25 25 c5 8a 44 |<7>| 0005 - 10 a1 30 11 ff f0 bd 30 54 13 c4 b0 c1 e5 d6 5e |<7>| 0006 - 26 d7 52 2c 00 9f d8 27 c2 0d d3 ef a4 9b 9a 1e |<7>| 0007 - cc be 3d db 2c 69 3b 2f 8f 1d c6 76 9b 3f 9e 6f |<7>| 0008 - 3d b8 13 4f 25 2a f1 ad 8e 84 73 00 40 5c 48 5d |<7>| 0009 - 4e 0f 7c da e7 3c eb 2c 39 2a 4e 73 e0 cf fb e0 |<7>| 000a - 01 18 b0 32 b6 53 28 6b 8b 45 63 08 33 87 9b b7 |<7>| 000b - 8f e9 ff 78 a6 0f db 02 72 33 ad 2d d8 f5 fd 26 |<7>| 000c - b8 ce 4f fb 82 6e a5 7b 1c 76 86 8c d6 |<7>| RB: Have 5 bytes into buffer. Adding 205 bytes. |<7>| RB: Requested 210 bytes |<4>| REC[80708e8]: Decrypted Packet[2] Handshake(22) with length: 205 |<6>| BUF[HSK]: Inserted 205 bytes of Data(22) |<6>| BUF[REC][HD]: Read 1 bytes of Data(22) |<6>| BUF[REC][HD]: Read 3 bytes of Data(22) |<3>| HSK[80708e8]: SERVER KEY EXCHANGE was received [205 bytes] |<6>| BUF[REC][HD]: Read 201 bytes of Data(22) |<6>| BUF[HSK]: Peeked 503 bytes of Data |<6>| BUF[HSK]: Emptied buffer |<6>| BUF[HSK]: Inserted 4 bytes of Data |<6>| BUF[HSK]: Inserted 201 bytes of Data |<7>| READ: Got 5 bytes from 5 |<7>| READ: read 5 bytes from 5 |<7>| 0000 - 16 03 01 00 04 |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. |<7>| RB: Requested 5 bytes |<4>| REC[80708e8]: Expected Packet[3] Handshake(22) with length: 1 |<4>| REC[80708e8]: Received Packet[3] Handshake(22) with length: 4 |<7>| READ: Got 4 bytes from 5 |<7>| READ: read 4 bytes from 5 |<7>| 0000 - 0e 00 00 00 |<7>| RB: Have 5 bytes into buffer. Adding 4 bytes. Hollenbeck [Page 5] RFC 3749 Implementation Report December 2004 |<7>| RB: Requested 9 bytes |<4>| REC[80708e8]: Decrypted Packet[3] Handshake(22) with length: 4 |<6>| BUF[HSK]: Inserted 4 bytes of Data(22) |<6>| BUF[REC][HD]: Read 1 bytes of Data(22) |<6>| BUF[REC][HD]: Read 3 bytes of Data(22) |<3>| HSK[80708e8]: SERVER HELLO DONE was received [4 bytes] |<2>| ASSERT: gnutls_handshake.c:929 |<6>| BUF[HSK]: Peeked 205 bytes of Data |<6>| BUF[HSK]: Emptied buffer |<6>| BUF[HSK]: Inserted 4 bytes of Data |<3>| HSK[80708e8]: CLIENT KEY EXCHANGE was send [70 bytes] |<6>| BUF[HSK]: Peeked 4 bytes of Data |<6>| BUF[HSK]: Emptied buffer |<4>| REC[80708e8]: Sending Packet[1] Handshake(22) with length: 70 |<7>| WRITE: Will write 75 bytes to 5. |<7>| WRITE: wrote 75 bytes to 5. Left 0 bytes. Total 75 bytes. |<7>| 0000 - 16 03 01 00 46 10 00 00 42 00 40 20 1d 2c f7 78 |<7>| 0001 - 4c 30 1d eb c7 93 d2 26 67 69 39 87 b4 9b bf 33 |<7>| 0002 - d3 1e 3c 6f 49 80 ee ac 18 e4 a7 9b 45 d6 62 81 |<7>| 0003 - c8 1c a5 9d 17 7e a5 5f 39 cc 6a 45 02 de de 02 |<7>| 0004 - f1 e9 b5 84 f9 3a 5e 24 f9 3d 96 |<4>| REC[80708e8]: Sent Packet[2] Handshake(22) with length: 75 |<3>| REC[80708e8]: Sent ChangeCipherSpec |<4>| REC[80708e8]: Sending Packet[2] Change Cipher Spec(20) with length: 1 |<7>| WRITE: Will write 6 bytes to 5. |<7>| WRITE: wrote 6 bytes to 5. Left 0 bytes. Total 6 bytes. |<7>| 0000 - 14 03 01 00 01 01 |<4>| REC[80708e8]: Sent Packet[3] Change Cipher Spec(20) with length: 6 |<9>| INT: PREMASTER SECRET[64]: (null) |<9>| INT: CLIENT RANDOM[32]: (null) |<9>| INT: SERVER RANDOM[32]: (null) |<9>| INT: MASTER SECRET: (null) |<9>| INT: KEY BLOCK[136]: (null) |<9>| INT: CLIENT WRITE KEY [32]: (null) |<9>| INT: SERVER WRITE KEY [32]: (null) |<3>| HSK[80708e8]: Cipher Suite: DHE_RSA_AES_256_CBC_SHA |<3>| HSK[80708e8]: Initializing internal [write] cipher sessions |<6>| BUF[HSK]: Peeked 0 bytes of Data |<6>| BUF[HSK]: Emptied buffer |<3>| HSK[80708e8]: FINISHED was send [16 bytes] |<6>| BUF[HSK]: Peeked 0 bytes of Data |<6>| BUF[HSK]: Emptied buffer |<4>| REC[80708e8]: Sending Packet[0] Handshake(22) with length: 16 |<7>| WRITE: Will write 69 bytes to 5. |<7>| WRITE: wrote 69 bytes to 5. Left 0 bytes. Total 69 bytes. |<7>| 0000 - 16 03 01 00 40 1d 08 1d c2 84 36 e4 b1 22 71 8f |<7>| 0001 - 06 ae 2f a5 ef 7c ba c4 85 33 c9 4e fd 00 c1 1a |<7>| 0002 - 00 52 76 68 1c 44 52 e2 93 05 ec 2f fc 52 1d 04 Hollenbeck [Page 6] RFC 3749 Implementation Report December 2004 |<7>| 0003 - 3d f2 ea 5d 7d de e5 8e c0 7f a3 40 e5 ce 2d 2a |<7>| 0004 - e9 83 3a 41 e2 |<4>| REC[80708e8]: Sent Packet[1] Handshake(22) with length: 69 |<7>| READ: Got 5 bytes from 5 |<7>| READ: read 5 bytes from 5 |<7>| 0000 - 14 03 01 00 01 |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. |<7>| RB: Requested 5 bytes |<4>| REC[80708e8]: Expected Packet[4] Change Cipher Spec(20) with length: 1 |<4>| REC[80708e8]: Received Packet[4] Change Cipher Spec(20) with length: 1 |<7>| READ: Got 1 bytes from 5 |<7>| READ: read 1 bytes from 5 |<7>| 0000 - 01 |<7>| RB: Have 5 bytes into buffer. Adding 1 bytes. |<7>| RB: Requested 6 bytes |<4>| REC[80708e8]: ChangeCipherSpec Packet was received |<3>| HSK[80708e8]: Cipher Suite: DHE_RSA_AES_256_CBC_SHA |<3>| HSK[80708e8]: Initializing internal [read] cipher sessions |<7>| READ: Got 5 bytes from 5 |<7>| READ: read 5 bytes from 5 |<7>| 0000 - 16 03 01 00 30 |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. |<7>| RB: Requested 5 bytes |<4>| REC[80708e8]: Expected Packet[0] Handshake(22) with length: 1 |<4>| REC[80708e8]: Received Packet[0] Handshake(22) with length: 48 |<7>| READ: Got 48 bytes from 5 |<7>| READ: read 48 bytes from 5 |<7>| 0000 - 48 35 b9 3d e0 b4 59 11 f8 8c fa e2 f1 c6 5c 32 |<7>| 0001 - c6 dc 66 d6 ad 25 d4 4a 62 7b 59 5b 51 30 4d a2 |<7>| 0002 - fc 43 2e 08 70 c4 40 fd a0 ce c6 43 c7 3c 4a e1 |<7>| 0003 - |<7>| RB: Have 5 bytes into buffer. Adding 48 bytes. |<7>| RB: Requested 53 bytes |<4>| REC[80708e8]: Decrypted Packet[0] Handshake(22) with length: 16 |<6>| BUF[HSK]: Inserted 16 bytes of Data(22) |<6>| BUF[REC][HD]: Read 1 bytes of Data(22) |<6>| BUF[REC][HD]: Read 3 bytes of Data(22) |<3>| HSK[80708e8]: FINISHED was received [16 bytes] |<6>| BUF[REC][HD]: Read 12 bytes of Data(22) |<6>| BUF[HSK]: Peeked 0 bytes of Data |<6>| BUF[HSK]: Emptied buffer |<6>| BUF[HSK]: Inserted 4 bytes of Data |<6>| BUF[HSK]: Inserted 12 bytes of Data |<6>| BUF[HSK]: Cleared Data from buffer |<2>| ASSERT: ext_server_name.c:226 - Certificate type: X.509 - Got a certificate list of 1 certificates. Hollenbeck [Page 7] RFC 3749 Implementation Report December 2004 - Certificate[0] info: # The hostname in the certificate does NOT match 'www.openssl.org'. # valid since: Tue Oct 17 00:31:00 CEST 2000 # expires at: Tue Jan 14 23:31:00 CET 2003 # serial number: 06 # fingerprint: 4a ce 36 44 5f 5a b4 bb cc 2b 9d d5 5e 2f 0e 3a # version: #1 # public key algorithm: RSA # Modulus: 512 bits # Subject's DN: C=AU,ST=Queensland,O=CryptSoft Pty Ltd,CN=Server test cert (512 bit) # Issuer's DN: C=AU,ST=Queensland,O=CryptSoft Pty Ltd,CN=Test CA (1024 bit) |<2>| ASSERT: verify.c:204 |<2>| ASSERT: verify.c:338 - Peer's certificate issuer is unknown - Peer's certificate is NOT trusted - Ephemeral DH using prime of 512 bits, secret key of 504 bits, and peer's public key is 510 bits. - Version: TLS 1.0 - Key Exchange: DHE RSA - Cipher: AES 256 CBC - MAC: SHA - Compression: DEFLATE - Handshake was completed - Simple Client Mode: |<4>| REC[80708e8]: Sending Packet[1] Application Data(23) with length: 6 |<7>| WRITE: Will write 197 bytes to 5. |<7>| WRITE: wrote 197 bytes to 5. Left 0 bytes. Total 197 bytes. |<7>| 0000 - 17 03 01 00 c0 de 26 c7 08 6a 5b 61 90 c8 bb d5 |<7>| 0001 - 8d 22 07 d3 7d b0 a4 cf a5 85 d2 ee 45 39 15 e7 |<7>| 0002 - 5d 7d e3 b6 f9 20 e5 0b 1f 44 e2 03 32 83 ee 71 |<7>| 0003 - 9b 57 60 3d f3 b2 49 a6 38 f2 ef 62 c6 4f 3d 1e |<7>| 0004 - 88 de a5 db 25 ea bf 85 2d 9a 69 18 d1 f6 ca aa |<7>| 0005 - 13 4c 7b e4 aa 98 89 34 67 88 ca 6c 87 ba 00 99 |<7>| 0006 - e3 1a 9d 9a d8 dd b3 14 e6 62 dc 2d ba bd 81 6e |<7>| 0007 - 93 74 9a 22 fb 39 48 e8 6a d4 a1 f7 f3 5f 4b b5 |<7>| 0008 - df 7e 65 e3 25 f8 b0 7f cd dd f9 ad f9 0b 0b 4b |<7>| 0009 - fe f2 e3 ec 84 ed cd 40 10 a2 0d 44 fc 7a c5 5a |<7>| 000a - b0 03 f7 34 14 c2 70 11 17 a6 ab 62 5b 05 36 70 |<7>| 000b - 8c 28 c2 44 ab e7 07 0c e3 96 4f d0 41 dc 0e 38 |<7>| 000c - 78 e9 3e d3 20 |<4>| REC[80708e8]: Sent Packet[2] Application Data(23) with length: 197 |<7>| READ: Got 5 bytes from 5 |<7>| READ: read 5 bytes from 5 |<7>| 0000 - 17 03 01 00 20 |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. Hollenbeck [Page 8] RFC 3749 Implementation Report December 2004 |<7>| RB: Requested 5 bytes |<4>| REC[80708e8]: Expected Packet[1] Application Data(23) with length: 4096 |<4>| REC[80708e8]: Received Packet[1] Application Data(23) with length: 32 |<7>| READ: Got 31 bytes from 5 |<7>| READ: read 31 bytes from 5 |<7>| 0000 - 13 52 ae 84 0d 68 35 66 b9 6e ce 17 6e 80 31 b1 |<7>| 0001 - b4 c4 dc 79 ca 01 60 7d 7e 32 ff ea 87 8c 13 |<7>| RB: Have 5 bytes into buffer. Adding 31 bytes. |<7>| RB: Requested 37 bytes |<7>| READ: Got 1 bytes from 5 |<7>| READ: read 1 bytes from 5 |<7>| 0000 - 17 |<7>| RB-PEEK: Read 1 bytes in PEEK MODE. |<7>| RB-PEEK: Have 36 bytes into buffer. Adding 1 bytes. RB: Requested 37 bytes |<4>| REC[80708e8]: Decrypted Packet[1] Application Data(23) with length: 0 |<6>| BUFFER[REC][AD]: Read 0 bytes of Data(23) |<7>| READ: Got 1 bytes from 5 |<7>| READ: read 1 bytes from 5 |<7>| 0000 - 17 |<7>| READ: Got 5 bytes from 5 |<7>| READ: read 5 bytes from 5 |<7>| 0000 - 17 03 01 04 00 |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes. |<7>| RB: Requested 5 bytes |<4>| REC[80708e8]: Expected Packet[2] Application Data(23) with length: 4096 |<4>| REC[80708e8]: Received Packet[2] Application Data(23) with length: 1024 |<7>| READ: Got 1023 bytes from 5 |<7>| READ: read 1023 bytes from 5 |<7>| 0000 - 6c 9b 8f 2b 31 42 f3 1d e9 42 4c e5 34 90 e0 cc |<7>| 0001 - a5 b0 60 36 7f 5e 31 ce 7d f5 d6 81 d6 2e ed 63 |<7>| 0002 - 20 29 dd ac 03 3f 10 0e ce c8 f6 56 2b 9d 7e da |<7>| 0003 - f4 aa b0 01 36 a0 45 08 e5 5f 5f 0b 87 46 4e 0b |<7>| 0004 - 8d 8f a6 c3 d7 15 68 21 dd 0a ba ca 1c f8 91 01 |<7>| 0005 - ea 6b 0b 7e 7e 3f 98 1d d1 82 b6 c1 95 da 44 1b |<7>| 0006 - 40 57 7b 69 86 f4 ca a6 81 32 fa 35 d5 41 c8 53 |<7>| 0007 - e7 51 4d d9 ff 29 5e 8b 56 65 d4 4a d1 a9 63 94 |<7>| 0008 - 0f f5 7a 6a 7b 56 c0 d2 78 bf 80 23 60 b4 fa ae |<7>| 0009 - 1d 17 c1 6d 2d 2f 3b 31 87 ed f7 be ca c3 95 99 |<7>| 000a - 3f d9 0b 57 d0 18 7d f7 b2 96 4d 6a 20 64 95 99 |<7>| 000b - 19 66 4d 69 de 83 0d 66 55 83 78 c5 df 4e d3 45 |<7>| 000c - 68 0d 33 a2 6e be 59 fb a0 9d a2 1f 8e 9e e3 1e |<7>| 000d - 82 18 16 0e 4f 95 ad ef 87 38 25 a0 e9 31 19 90 |<7>| 000e - d6 0d 72 c6 0e cd dc 84 b1 98 0f 1b 22 f7 da a5 |<7>| 000f - e3 93 85 b7 69 12 d1 06 e1 7e 90 e8 82 a4 5e ff |<7>| 0010 - c3 7b 8d 95 a0 b8 c1 0f ea 46 92 1f c4 2c de c1 |<7>| 0011 - 05 70 88 9a b1 e4 f3 5b 0c ec 4a 1d 40 2f 60 86 |<7>| 0012 - a9 24 8c 0b d4 05 43 e5 f9 7d 87 36 a8 af 44 a9 Hollenbeck [Page 9] RFC 3749 Implementation Report December 2004 |<7>| 0013 - f1 de c0 a2 a0 9b c3 1e 67 45 6e 42 9a 22 a9 51 |<7>| 0014 - 59 14 41 dc 79 eb ec 8c 2a ca b8 9b d3 65 ba c5 |<7>| 0015 - 14 cc f5 95 e2 8e be 10 54 a0 18 63 df 62 7e 39 |<7>| 0016 - c5 04 7a f4 6c 8d 89 50 7f 39 5c 92 e1 7e e1 cd |<7>| 0017 - e3 ab 90 18 0c 76 46 6e fd c4 5c b5 63 a6 0e 1c |<7>| 0018 - 23 05 91 8c b5 c1 8e 09 09 d8 e7 9d 3b 33 0c d8 |<7>| 0019 - 36 86 7f 6f f4 f9 c2 66 b9 77 ab 48 d2 25 dc f7 |<7>| 001a - 54 04 76 ed 52 05 35 db 8b 58 b8 99 92 52 da f7 |<7>| 001b - 97 a4 c9 ff 76 a2 84 8c d8 d7 7a 65 5d 46 d5 07 |<7>| 001c - db de 44 ba 6c 8a 99 5c f9 bb 59 21 e9 0c 21 2b |<7>| 001d - 5c ad 37 6b fa 1a 17 23 fd 66 ea 7b 09 73 70 45 |<7>| 001e - 57 88 2d b0 52 92 58 aa 25 b0 b5 8a 0c 3c 95 cc |<7>| 001f - 29 80 fb 4a 21 7f b1 59 12 ce f9 dc 89 ef a5 66 |<7>| 0020 - 75 32 6e fb 8c af 42 64 2e 8c bd b8 fa 30 ce f0 |<7>| 0021 - 55 bd 71 69 5b 29 d5 2f bf d2 0f 41 fe 2c 68 1f |<7>| 0022 - f4 c4 b7 b3 71 4d 41 5f fa 62 68 ac 01 35 84 84 |<7>| 0023 - f6 48 86 bf d3 ab e1 c3 a1 ff 7c 15 86 e6 83 5d |<7>| 0024 - d9 05 7d 6b 99 c0 e6 9e e9 d8 0d 4c ff 40 c6 8c |<7>| 0025 - 89 60 4e e5 17 dd 4d f2 6e e1 b8 79 6d 2c 0d 2f |<7>| 0026 - b4 73 24 89 bb 2f ba b1 59 5f fd 77 3c e3 ac b8 |<7>| 0027 - 1f bd b3 9d b3 f0 34 1b 0e 4b 1a c2 77 1b f2 45 |<7>| 0028 - 3f e9 c6 37 95 52 af 1f a6 4b fb ec af c1 74 07 |<7>| 0029 - e6 79 e9 47 0a 9f 01 12 41 0a 39 ed 36 97 84 7e |<7>| 002a - 24 74 f8 7f 6d 14 5e aa 56 3f 0d 32 7f 82 19 40 |<7>| 002b - df 1b 77 9e e2 f1 90 99 44 e2 23 2f 21 fa 3c 11 |<7>| 002c - 47 60 cc 8d af e5 2c d0 3c 8e ce d5 70 24 ed 3d |<7>| 002d - f3 d0 4e 41 8b 2f f4 7d d2 6e 0b 32 47 71 0b a4 |<7>| 002e - bd b6 60 40 fd af e8 6c 5b f5 04 77 98 8c 7b 37 |<7>| 002f - 03 c7 53 57 81 84 d0 17 90 2f 67 e5 5e 95 c9 f9 |<7>| 0030 - 3e 01 f8 e3 48 44 49 77 4d c4 9b f6 52 3f 73 e7 |<7>| 0031 - 5c 78 0b 37 14 60 f5 94 fd 14 0d af 6f 67 e1 c0 |<7>| 0032 - 92 d5 46 76 3d 47 4d 30 7e 2a 63 8e ef bc 29 e7 |<7>| 0033 - 62 84 33 1e 16 0e a3 92 24 34 7a b4 7a 3d 15 20 |<7>| 0034 - a3 3a 29 41 62 ca 11 af ef de 98 5a b6 82 6c a2 |<7>| 0035 - b7 6a d0 10 94 8d 21 df 4f 9c fc 8e 9c 2d 74 12 |<7>| 0036 - 47 dc c1 9e 56 38 2b 76 c4 04 9e ac 97 d1 9c f6 |<7>| 0037 - b9 25 13 7e b7 6b 7c 3d 61 8f e9 63 03 70 c5 55 |<7>| 0038 - c5 98 0c 5c 98 5a 74 5a a5 f5 1c ce c9 1a 90 66 |<7>| 0039 - 24 4b c6 27 33 3c a3 ff f0 41 e7 d2 9b 5c 2f ca |<7>| 003a - 2d e3 5a 1f 9f 23 a2 d1 4f 68 39 55 14 c3 b7 f3 |<7>| 003b - 35 82 92 ba e6 bc 80 e8 ce 1a ef 16 34 5e 14 4f |<7>| 003c - de bb 6d 0e 41 ec 14 19 ac ce dd 9c f8 28 2c 9b |<7>| 003d - 38 4e 24 d0 1e bb b1 67 ae 5f 0f 58 7e e8 c1 6b |<7>| 003e - 3c 34 d5 49 a5 09 f1 64 7e b4 e2 67 38 e1 94 f4 |<7>| 003f - e6 82 3a 0c 96 1c a0 c7 e6 2a e5 8e 6a a7 16 |<7>| RB: Have 5 bytes into buffer. Adding 1023 bytes. |<7>| RB: Requested 1029 bytes |<7>| READ: Got 1 bytes from 5 Hollenbeck [Page 10] RFC 3749 Implementation Report December 2004 |<7>| READ: read 1 bytes from 5 |<7>| 0000 - 60 |<7>| RB-PEEK: Read 1 bytes in PEEK MODE. |<7>| RB-PEEK: Have 1028 bytes into buffer. Adding 1 bytes. RB: Requested 1029 bytes |<4>| REC[80708e8]: Decrypted Packet[2] Application Data(23) with length: 3248 |<6>| BUF[REC]: Inserted 3248 bytes of Data(23) |<6>| BUFFER[REC][AD]: Read 3248 bytes of Data(23) |<7>| READ: Got 1 bytes from 5 |<7>| READ: read 1 bytes from 5 |<7>| 0000 - 60 HTTP/1.0 200 ok Content-type: text/html 

s_server -port 5678 -www
   Ciphers supported in s_server binary
   TLSv1/SSLv3:DHE-RSA-AES256-SHA       TLSv1/SSLv3:DHE-DSS-AES256-SHA
   TLSv1/SSLv3:AES256-SHA               TLSv1/SSLv3:EDH-RSA-DES-CBC3-SHA
   TLSv1/SSLv3:EDH-DSS-DES-CBC3-SHA     TLSv1/SSLv3:DES-CBC3-SHA
   SSLv2      :DES-CBC3-MD5             TLSv1/SSLv3:DHE-RSA-AES128-SHA
   TLSv1/SSLv3:DHE-DSS-AES128-SHA       TLSv1/SSLv3:AES128-SHA
   TLSv1/SSLv3:IDEA-CBC-SHA             SSLv2      :IDEA-CBC-MD5
   SSLv2      :RC2-CBC-MD5              TLSv1/SSLv3:DHE-DSS-RC4-SHA
   TLSv1/SSLv3:RC4-SHA                  TLSv1/SSLv3:RC4-MD5
   SSLv2      :RC4-MD5                  SSLv2      :RC4-64-MD5
   TLSv1/SSLv3:EXP1024-DHE-DSS-DES-CBC-SHATLSv1/SSLv3:EXP1024-DES-CBC-SHA
   TLSv1/SSLv3:EXP1024-RC2-CBC-MD5      TLSv1/SSLv3:EDH-RSA-DES-CBC-SHA
   TLSv1/SSLv3:EDH-DSS-DES-CBC-SHA      TLSv1/SSLv3:DES-CBC-SHA
   SSLv2      :DES-CBC-MD5              TLSv1/SSLv3:EXP1024-DHE-DSS-RC4-SHA
   TLSv1/SSLv3:EXP1024-RC4-SHA          TLSv1/SSLv3:EXP1024-RC4-MD5
   TLSv1/SSLv3:EXP-EDH-RSA-DES-CBC-SHA  TLSv1/SSLv3:EXP-EDH-DSS-DES-CBC-SHA
   TLSv1/SSLv3:EXP-DES-CBC-SHA          TLSv1/SSLv3:EXP-RC2-CBC-MD5
   SSLv2      :EXP-RC2-CBC-MD5          TLSv1/SSLv3:EXP-RC4-MD5
   SSLv2      :EXP-RC4-MD5
   ---
   Ciphers common between both SSL end points:
   DHE-RSA-AES256-SHA         DHE-RSA-AES128-SHA         ECDHE-RSA-AES128-SHA
   EDH-RSA-DES-CBC3-SHA       ECDHE-ECDSA-AES128-SHA     DHE-DSS-AES256-SHA
   DHE-DSS-AES128-SHA         EDH-DSS-DES-CBC3-SHA       DHE-DSS-RC4-SHA
   AES256-SHA                 AES128-SHA                 DES-CBC3-SHA
   RC4-SHA                    RC4-MD5                    AECDH-DES-CBC-SHA
   EXP-ECDH-RSA-RC4-56-SHA    ECDH-RSA-AES128-SHA        AECDH-DES-CBC3-SHA
   AECDH-NULL-SHA             ECDH-RSA-AES256-SHA        AECDH-RC4-SHA
   EXP-ECDH-RSA-RC4-40-SHA    ECDH-RSA-DES-CBC3-SHA      EXP-RC4-MD5
   ADH-AES256-SHA             ADH-AES128-SHA             ADH-DES-CBC3-SHA



Hollenbeck                                                     [Page 11]

                     RFC 3749 Implementation Report        December 2004


   ADH-RC4-MD5
   ---
   New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
   Compression: zlib compression
   Expansion: zlib compression
   SSL-Session:
       Protocol  : TLSv1
       Cipher    : DHE-RSA-AES256-SHA
       Session-ID: 47E4A60FCBBB89268CD0AAD3B915F0E2C53B7325543C5C3A93D05D0A7C770523
       Session-ID-ctx: 01000000
       Master-Key: 8E727F01DEBBEA68A39E3A48CA18DD38EFEF1370E18FBA63857A0F6B1BFE18F00E2362462C36E7E5B032287C8AB13602
       Key-Arg   : None
      Compression: 1 (zlib compression)
       Start Time: 1103045566
       Timeout   : 300 (sec)
       Verify return code: 0 (ok)
   ---
     15 items in the session cache
      0 client connects (SSL_connect())
      0 client renegotiates (SSL_connect())
      0 client connects that finished
     19 server accepts (SSL_accept())
      0 server renegotiates (SSL_accept())
     17 server accepts that finished
      2 session cache hits
      1 session cache misses
      0 session cache timeouts
      0 callback cache hits
      0 cache full overflows (128 allowed)
   ---
   no client certificate available
   

|<4>| REC: Sending Alert[1|0] - Close notify
   |<4>| REC[80708e8]: Sending Packet[2] Alert(21) with length: 2
   |<7>| WRITE: Will write 133 bytes to 5.
   |<7>| WRITE: wrote 133 bytes to 5. Left 0 bytes. Total 133 bytes.
   |<7>| 0000 - 15 03 01 00 80 ff 6d 59 bd b2 55 fc 44 33 b2 c1
   |<7>| 0001 - 25 fe 62 67 04 27 89 c0 8b 24 dd 96 a6 b8 56 11
   |<7>| 0002 - 30 89 05 83 46 59 e2 cb 00 b5 fe 57 27 f2 d8 fb
   |<7>| 0003 - 7c bb 76 e5 b0 65 4c 73 79 af dc a5 67 35 f4 01
   |<7>| 0004 - 40 b0 55 2a e8 d6 4a 26 b8 65 de e0 a3 eb 20 ed
   |<7>| 0005 - 59 06 3f d7 0d 24 21 3a d5 ce 88 5c 62 9b 8e 17
   |<7>| 0006 - ca 9a b2 58 2a d5 dc d2 7b 5e f7 90 6e 67 14 b6
   |<7>| 0007 - f9 c1 bd d2 93 6a 18 a9 53 5f 4d 9a c8 bf d6 d8
   |<7>| 0008 - 14 17 25 a7 5c
   |<4>| REC[80708e8]: Sent Packet[3] Alert(21) with length: 133
   |<7>| READ: Got 0 bytes from 5



Hollenbeck                                                     [Page 12]

                     RFC 3749 Implementation Report        December 2004


   |<7>| READ: read 0 bytes from 5
   |<7>| 0000 -
   |<2>| ASSERT: gnutls_buffers.c:463
   |<2>| ASSERT: gnutls_record.c:685
   ******************** END LOG ********************

        Figure 1: GnuTLS 1.0.16 Client, OpenSSL 0.9.8-dev Server

   This log describes a TLS session between a GnuTLS client and an
   OpenSSL server.  The client uses GnuTLS version 1.1.23.  The server
   uses OpenSSL version 0.9.8-dev.  Both are unreleased development
   versions current as of 14 December 2004.

   ******************** BEGIN LOG ********************

   jas@latte:~$ echo 'GET /'|src/gnutls/src/gnutls-cli -p 5678 www.openssl.org -d 4711
   Resolving 'www.openssl.org'...
   Connecting to '195.27.176.155:5678'...
   |<3>| HSK[80728e8]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_RMD
   |<3>| HSK[80728e8]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_RMD
   |<3>| HSK[80728e8]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_RMD
   |<3>| HSK[80728e8]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_RMD
   |<3>| HSK[80728e8]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_RMD
   |<3>| HSK[80728e8]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_RMD
   |<3>| HSK[80728e8]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: RSA_AES_256_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: RSA_AES_256_CBC_RMD
   |<3>| HSK[80728e8]: Keeping ciphersuite: RSA_AES_128_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: RSA_AES_128_CBC_RMD
   |<3>| HSK[80728e8]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: RSA_3DES_EDE_CBC_RMD
   |<3>| HSK[80728e8]: Keeping ciphersuite: RSA_ARCFOUR_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: RSA_ARCFOUR_MD5
   |<3>| HSK[80728e8]: Keeping ciphersuite: SRP_SHA_RSA_AES_256_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: SRP_SHA_RSA_AES_128_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: SRP_SHA_RSA_3DES_EDE_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: SRP_SHA_DSS_AES_256_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: SRP_SHA_DSS_AES_128_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: SRP_SHA_DSS_3DES_EDE_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: SRP_SHA_AES_256_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: SRP_SHA_AES_128_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: SRP_SHA_3DES_EDE_CBC_SHA



Hollenbeck                                                     [Page 13]

                     RFC 3749 Implementation Report        December 2004


   |<3>| HSK[80728e8]: Keeping ciphersuite: RSA_EXPORT_ARCFOUR_40_MD5
   |<3>| HSK[80728e8]: Keeping ciphersuite: ANON_DH_AES_256_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: ANON_DH_AES_128_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: ANON_DH_3DES_EDE_CBC_SHA
   |<3>| HSK[80728e8]: Keeping ciphersuite: ANON_DH_ARCFOUR_MD5
   |<2>| EXT[80728e8]: Sending extension CERT_TYPE
   |<2>| EXT[80728e8]: Sending extension SERVER_NAME
   |<3>| HSK[80728e8]: CLIENT HELLO was send [147 bytes]
   |<6>| BUF[HSK]: Peeked 0 bytes of Data
   |<6>| BUF[HSK]: Emptied buffer
   |<4>| REC[80728e8]: Sending Packet[0] Handshake(22) with length: 147
   |<7>| WRITE: Will write 152 bytes to 5.
   |<7>| WRITE: wrote 152 bytes to 5. Left 0 bytes. Total 152 bytes.
   |<7>| 0000 - 16 03 02 00 93 01 00 00 8f 03 02 41 bf 23 bf 5b
   |<7>| 0001 - 2a 6c 4f 89 a2 09 f3 ad 79 fd ef fa f6 25 8a d5
   |<7>| 0002 - 62 07 4c 72 06 d9 38 b5 bc bf 24 00 00 46 00 39
   |<7>| 0003 - 00 79 00 33 00 78 00 16 00 77 00 38 00 73 00 32
   |<7>| 0004 - 00 74 00 13 00 72 00 66 00 35 00 7e 00 2f 00 7d
   |<7>| 0005 - 00 0a 00 7c 00 05 00 04 00 57 00 54 00 51 00 58
   |<7>| 0006 - 00 55 00 52 00 56 00 53 00 50 00 03 00 3a 00 34
   |<7>| 0007 - 00 1b 00 18 02 01 00 00 1f 00 07 00 03 02 00 01
   |<7>| 0008 - 00 00 00 14 00 12 00 00 0f 77 77 77 2e 6f 70 65
   |<7>| 0009 - 6e 73 73 6c 2e 6f 72 67
   |<4>| REC[80728e8]: Sent Packet[1] Handshake(22) with length: 152
   |<7>| READ: Got 5 bytes from 5
   |<7>| READ: read 5 bytes from 5
   |<7>| 0000 - 16 03 01 00 4a
   |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
   |<7>| RB: Requested 5 bytes
   |<4>| REC[80728e8]: Expected Packet[0] Handshake(22) with length: 1
   |<4>| REC[80728e8]: Received Packet[0] Handshake(22) with length: 74
   |<7>| READ: Got 74 bytes from 5
   |<7>| READ: read 74 bytes from 5
   |<7>| 0000 - 02 00 00 46 03 01 41 bf 23 cc 18 9e b8 b5 2d 60
   |<7>| 0001 - ff cf 37 a4 e8 eb 97 dc 3e d6 0e 88 9d a0 42 62
   |<7>| 0002 - b7 e3 e8 e0 c5 5e 20 e7 3f c8 d5 c7 8d 81 d0 8e
   |<7>| 0003 - c6 1a 7e b9 8d 18 2b b5 09 3b 20 12 80 00 93 b5
   |<7>| 0004 - 71 51 ed e3 56 63 16 00 39 01
   |<7>| RB: Have 5 bytes into buffer. Adding 74 bytes.
   |<7>| RB: Requested 79 bytes
   |<4>| REC[80728e8]: Decrypted Packet[0] Handshake(22) with length: 74
   |<6>| BUF[HSK]: Inserted 74 bytes of Data(22)
   |<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
   |<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
   |<3>| HSK[80728e8]: SERVER HELLO was received [74 bytes]
   |<6>| BUF[REC][HD]: Read 70 bytes of Data(22)
   |<6>| BUF[HSK]: Peeked 0 bytes of Data
   |<6>| BUF[HSK]: Emptied buffer



Hollenbeck                                                     [Page 14]

                     RFC 3749 Implementation Report        December 2004


   |<6>| BUF[HSK]: Inserted 4 bytes of Data
   |<6>| BUF[HSK]: Inserted 70 bytes of Data
   |<3>| HSK[80728e8]: Server's version: 3.1
   |<3>| HSK[80728e8]: SessionID length: 32
   |<3>| HSK[80728e8]: SessionID: e73fc8d5c78d81d08ec61a7eb98d182bb5093b2012800093b57151ede3566316
   |<3>| HSK[80728e8]: Selected cipher suite: DHE_RSA_AES_256_CBC_SHA
   |<2>| ASSERT: gnutls_extensions.c:139
   |<7>| READ: Got 5 bytes from 5
   |<7>| READ: read 5 bytes from 5
   |<7>| 0000 - 16 03 01 01 f7
   |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
   |<7>| RB: Requested 5 bytes
   |<4>| REC[80728e8]: Expected Packet[1] Handshake(22) with length: 1
   |<4>| REC[80728e8]: Received Packet[1] Handshake(22) with length: 503
   |<7>| READ: Got 503 bytes from 5
   |<7>| READ: read 503 bytes from 5
   |<7>| 0000 - 0b 00 01 f3 00 01 f0 00 01 ed 30 82 01 e9 30 82
   |<7>| 0001 - 01 52 02 01 06 30 0d 06 09 2a 86 48 86 f7 0d 01
   |<7>| 0002 - 01 04 05 00 30 5b 31 0b 30 09 06 03 55 04 06 13
   |<7>| 0003 - 02 41 55 31 13 30 11 06 03 55 04 08 13 0a 51 75
   |<7>| 0004 - 65 65 6e 73 6c 61 6e 64 31 1a 30 18 06 03 55 04
   |<7>| 0005 - 0a 13 11 43 72 79 70 74 53 6f 66 74 20 50 74 79
   |<7>| 0006 - 20 4c 74 64 31 1b 30 19 06 03 55 04 03 13 12 54
   |<7>| 0007 - 65 73 74 20 43 41 20 28 31 30 32 34 20 62 69 74
   |<7>| 0008 - 29 30 1e 17 0d 30 30 31 30 31 36 32 32 33 31 30
   |<7>| 0009 - 33 5a 17 0d 30 33 30 31 31 34 32 32 33 31 30 33
   |<7>| 000a - 5a 30 63 31 0b 30 09 06 03 55 04 06 13 02 41 55
   |<7>| 000b - 31 13 30 11 06 03 55 04 08 13 0a 51 75 65 65 6e
   |<7>| 000c - 73 6c 61 6e 64 31 1a 30 18 06 03 55 04 0a 13 11
   |<7>| 000d - 43 72 79 70 74 53 6f 66 74 20 50 74 79 20 4c 74
   |<7>| 000e - 64 31 23 30 21 06 03 55 04 03 13 1a 53 65 72 76
   |<7>| 000f - 65 72 20 74 65 73 74 20 63 65 72 74 20 28 35 31
   |<7>| 0010 - 32 20 62 69 74 29 30 5c 30 0d 06 09 2a 86 48 86
   |<7>| 0011 - f7 0d 01 01 01 05 00 03 4b 00 30 48 02 41 00 9f
   |<7>| 0012 - b3 c3 84 27 95 ff 12 31 52 0f 15 ef 46 11 c4 ad
   |<7>| 0013 - 80 e6 36 5b 0f dd 80 d7 61 8d e0 fc 72 45 09 34
   |<7>| 0014 - fe 55 66 45 43 4c 68 97 6a fe a8 a0 a5 df 5f 78
   |<7>| 0015 - ff ee d7 64 b8 3f 04 cb 6f ff 2a fe fe b9 ed 02
   |<7>| 0016 - 03 01 00 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01
   |<7>| 0017 - 04 05 00 03 81 81 00 93 d2 0a c5 41 e6 5a a9 86
   |<7>| 0018 - f9 11 87 e4 db 45 e2 c5 95 78 1a 6c 80 6d 73 1f
   |<7>| 0019 - b4 6d 44 a3 ba 86 88 c8 58 cd 1c 06 35 6c 44 62
   |<7>| 001a - 88 df e4 f6 64 61 95 ef 4a a6 7f 65 71 d7 6b 88
   |<7>| 001b - 39 f6 32 bf ac 93 67 69 51 8c 93 ec 48 5f c9 b1
   |<7>| 001c - 42 f9 55 d2 7e 4e f4 f2 21 6b 90 57 e6 d7 99 9e
   |<7>| 001d - 41 ca 80 bf 1a 28 a2 ca 5b 50 4a ed 84 e7 82 c7
   |<7>| 001e - d2 cf 36 9e 6a 67 b9 88 a7 f3 8a d0 04 f8 e8 c6
   |<7>| 001f - 17 e3 c5 29 bc 17 f1



Hollenbeck                                                     [Page 15]

                     RFC 3749 Implementation Report        December 2004


   |<7>| RB: Have 5 bytes into buffer. Adding 503 bytes.
   |<7>| RB: Requested 508 bytes
   |<4>| REC[80728e8]: Decrypted Packet[1] Handshake(22) with length: 503
   |<6>| BUF[HSK]: Inserted 503 bytes of Data(22)
   |<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
   |<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
   |<3>| HSK[80728e8]: CERTIFICATE was received [503 bytes]
   |<6>| BUF[REC][HD]: Read 499 bytes of Data(22)
   |<6>| BUF[HSK]: Peeked 74 bytes of Data
   |<6>| BUF[HSK]: Emptied buffer
   |<6>| BUF[HSK]: Inserted 4 bytes of Data
   |<6>| BUF[HSK]: Inserted 499 bytes of Data
   |<7>| READ: Got 5 bytes from 5
   |<7>| READ: read 5 bytes from 5
   |<7>| 0000 - 16 03 01 00 cd
   |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
   |<7>| RB: Requested 5 bytes
   |<4>| REC[80728e8]: Expected Packet[2] Handshake(22) with length: 1
   |<4>| REC[80728e8]: Received Packet[2] Handshake(22) with length: 205
   |<7>| READ: Got 205 bytes from 5
   |<7>| READ: read 205 bytes from 5
   |<7>| 0000 - 0c 00 00 c9 00 40 da 58 3c 16 d9 85 22 89 d0 e4
   |<7>| 0001 - af 75 6f 4c ca 92 dd 4b e5 33 b8 04 fb 0f ed 94
   |<7>| 0002 - ef 9c 8a 44 03 ed 57 46 50 d3 69 99 db 29 d7 76
   |<7>| 0003 - 27 6b a2 d3 d4 12 e2 18 f4 dd 1e 08 4c f6 d8 00
   |<7>| 0004 - 3e 7c 47 74 e8 33 00 01 02 00 40 25 25 c5 8a 44
   |<7>| 0005 - 10 a1 30 11 ff f0 bd 30 54 13 c4 b0 c1 e5 d6 5e
   |<7>| 0006 - 26 d7 52 2c 00 9f d8 27 c2 0d d3 ef a4 9b 9a 1e
   |<7>| 0007 - cc be 3d db 2c 69 3b 2f 8f 1d c6 76 9b 3f 9e 6f
   |<7>| 0008 - 3d b8 13 4f 25 2a f1 ad 8e 84 73 00 40 6b e7 c3
   |<7>| 0009 - b9 99 c6 75 ab 42 17 01 d3 90 2a c4 fe c7 5f f7
   |<7>| 000a - d1 ef 7a 16 5a 63 aa d8 03 5f 51 43 c9 fb 3d 28
   |<7>| 000b - 4b 20 41 cd c3 7c 6a 7b 6c d4 07 05 30 15 a3 d4
   |<7>| 000c - 69 a1 7f 24 0c 4d c2 02 90 da ed 10 69
   |<7>| RB: Have 5 bytes into buffer. Adding 205 bytes.
   |<7>| RB: Requested 210 bytes
   |<4>| REC[80728e8]: Decrypted Packet[2] Handshake(22) with length: 205
   |<6>| BUF[HSK]: Inserted 205 bytes of Data(22)
   |<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
   |<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
   |<3>| HSK[80728e8]: SERVER KEY EXCHANGE was received [205 bytes]
   |<6>| BUF[REC][HD]: Read 201 bytes of Data(22)
   |<6>| BUF[HSK]: Peeked 503 bytes of Data
   |<6>| BUF[HSK]: Emptied buffer
   |<6>| BUF[HSK]: Inserted 4 bytes of Data
   |<6>| BUF[HSK]: Inserted 201 bytes of Data
   |<7>| READ: Got 5 bytes from 5
   |<7>| READ: read 5 bytes from 5



Hollenbeck                                                     [Page 16]

                     RFC 3749 Implementation Report        December 2004


   |<7>| 0000 - 16 03 01 00 04
   |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
   |<7>| RB: Requested 5 bytes
   |<4>| REC[80728e8]: Expected Packet[3] Handshake(22) with length: 1
   |<4>| REC[80728e8]: Received Packet[3] Handshake(22) with length: 4
   |<7>| READ: Got 4 bytes from 5
   |<7>| READ: read 4 bytes from 5
   |<7>| 0000 - 0e 00 00 00
   |<7>| RB: Have 5 bytes into buffer. Adding 4 bytes.
   |<7>| RB: Requested 9 bytes
   |<4>| REC[80728e8]: Decrypted Packet[3] Handshake(22) with length: 4
   |<6>| BUF[HSK]: Inserted 4 bytes of Data(22)
   |<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
   |<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
   |<3>| HSK[80728e8]: SERVER HELLO DONE was received [4 bytes]
   |<2>| ASSERT: gnutls_handshake.c:953
   |<6>| BUF[HSK]: Peeked 205 bytes of Data
   |<6>| BUF[HSK]: Emptied buffer
   |<6>| BUF[HSK]: Inserted 4 bytes of Data
   |<3>| HSK[80728e8]: CLIENT KEY EXCHANGE was send [70 bytes]
   |<6>| BUF[HSK]: Peeked 4 bytes of Data
   |<6>| BUF[HSK]: Emptied buffer
   |<4>| REC[80728e8]: Sending Packet[1] Handshake(22) with length: 70
   |<7>| WRITE: Will write 75 bytes to 5.
   |<7>| WRITE: wrote 75 bytes to 5. Left 0 bytes. Total 75 bytes.
   |<7>| 0000 - 16 03 01 00 46 10 00 00 42 00 40 2c 1e 9d 53 c8
   |<7>| 0001 - 0e b4 91 82 0e b4 ea 4a 0f 8d 7c 8d c1 72 23 c7
   |<7>| 0002 - 0c a9 de bd 27 b7 4a 94 f0 df 31 2c 04 9e 43 31
   |<7>| 0003 - 97 b8 88 63 22 f9 85 b7 03 07 20 39 b1 2c 41 ee
   |<7>| 0004 - 47 f5 32 9e 0e 3d 42 75 a6 55 e3
   |<4>| REC[80728e8]: Sent Packet[2] Handshake(22) with length: 75
   |<3>| REC[80728e8]: Sent ChangeCipherSpec
   |<4>| REC[80728e8]: Sending Packet[2] Change Cipher Spec(20) with length: 1
   |<7>| WRITE: Will write 6 bytes to 5.
   |<7>| WRITE: wrote 6 bytes to 5. Left 0 bytes. Total 6 bytes.
   |<7>| 0000 - 14 03 01 00 01 01
   |<4>| REC[80728e8]: Sent Packet[3] Change Cipher Spec(20) with length: 6
   |<9>| INT: PREMASTER SECRET[64]: (null)
   |<9>| INT: CLIENT RANDOM[32]: (null)
   |<9>| INT: SERVER RANDOM[32]: (null)
   |<9>| INT: MASTER SECRET: (null)
   |<9>| INT: KEY BLOCK[136]: (null)
   |<9>| INT: CLIENT WRITE KEY [32]: (null)
   |<9>| INT: SERVER WRITE KEY [32]: (null)
   |<3>| HSK[80728e8]: Cipher Suite: DHE_RSA_AES_256_CBC_SHA
   |<3>| HSK[80728e8]: Initializing internal [write] cipher sessions
   |<6>| BUF[HSK]: Peeked 0 bytes of Data
   |<6>| BUF[HSK]: Emptied buffer



Hollenbeck                                                     [Page 17]

                     RFC 3749 Implementation Report        December 2004


   |<3>| HSK[80728e8]: FINISHED was send [16 bytes]
   |<6>| BUF[HSK]: Peeked 0 bytes of Data
   |<6>| BUF[HSK]: Emptied buffer
   |<4>| REC[80728e8]: Sending Packet[0] Handshake(22) with length: 16
   |<7>| WRITE: Will write 85 bytes to 5.
   |<7>| WRITE: wrote 85 bytes to 5. Left 0 bytes. Total 85 bytes.
   |<7>| 0000 - 16 03 01 00 50 2f 45 fb 79 12 56 5a 89 2c ec e2
   |<7>| 0001 - 66 df bf b2 42 98 88 2e f3 ce ca 0d ec 36 62 59
   |<7>| 0002 - bf 35 c5 92 bd fa 44 18 90 e4 7e cc d8 b2 19 e3
   |<7>| 0003 - 44 ce e1 af 64 6f e1 af b3 73 b5 5e f8 bc 5d 53
   |<7>| 0004 - 78 1b 78 99 4c 2c 48 4c ee f7 00 f0 c9 77 d4 d2
   |<7>| 0005 - e4 96 ef c5 8e
   |<4>| REC[80728e8]: Sent Packet[1] Handshake(22) with length: 85
   |<7>| READ: Got 5 bytes from 5
   |<7>| READ: read 5 bytes from 5
   |<7>| 0000 - 14 03 01 00 01
   |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
   |<7>| RB: Requested 5 bytes
   |<4>| REC[80728e8]: Expected Packet[4] Change Cipher Spec(20) with length: 1
   |<4>| REC[80728e8]: Received Packet[4] Change Cipher Spec(20) with length: 1
   |<7>| READ: Got 1 bytes from 5
   |<7>| READ: read 1 bytes from 5
   |<7>| 0000 - 01
   |<7>| RB: Have 5 bytes into buffer. Adding 1 bytes.
   |<7>| RB: Requested 6 bytes
   |<4>| REC[80728e8]: ChangeCipherSpec Packet was received
   |<3>| HSK[80728e8]: Cipher Suite: DHE_RSA_AES_256_CBC_SHA
   |<3>| HSK[80728e8]: Initializing internal [read] cipher sessions
   |<7>| READ: Got 5 bytes from 5
   |<7>| READ: read 5 bytes from 5
   |<7>| 0000 - 16 03 01 00 30
   |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
   |<7>| RB: Requested 5 bytes
   |<4>| REC[80728e8]: Expected Packet[0] Handshake(22) with length: 1
   |<4>| REC[80728e8]: Received Packet[0] Handshake(22) with length: 48
   |<7>| READ: Got 48 bytes from 5
   |<7>| READ: read 48 bytes from 5
   |<7>| 0000 - d7 71 f6 d9 4c 41 3a aa d6 8a 0a 97 40 aa 56 f3
   |<7>| 0001 - 4e e5 10 ce 3f a2 05 d8 9c a4 ec b3 ca 4f 97 e5
   |<7>| 0002 - 1a 08 6e 1b 1e 0f 4e 25 8b a8 62 d2 54 9e e5 bb
   |<7>| 0003 -
   |<7>| RB: Have 5 bytes into buffer. Adding 48 bytes.
   |<7>| RB: Requested 53 bytes
   |<4>| REC[80728e8]: Decrypted Packet[0] Handshake(22) with length: 16
   |<6>| BUF[HSK]: Inserted 16 bytes of Data(22)
   |<6>| BUF[REC][HD]: Read 1 bytes of Data(22)
   |<6>| BUF[REC][HD]: Read 3 bytes of Data(22)
   |<3>| HSK[80728e8]: FINISHED was received [16 bytes]



Hollenbeck                                                     [Page 18]

                     RFC 3749 Implementation Report        December 2004


   |<6>| BUF[REC][HD]: Read 12 bytes of Data(22)
   |<6>| BUF[HSK]: Peeked 0 bytes of Data
   |<6>| BUF[HSK]: Emptied buffer
   |<6>| BUF[HSK]: Inserted 4 bytes of Data
   |<6>| BUF[HSK]: Inserted 12 bytes of Data
   |<6>| BUF[HSK]: Cleared Data from buffer
   |<2>| ASSERT: ext_server_name.c:229
   - Certificate type: X.509
    - Got a certificate list of 1 certificates.

    - Certificate[0] info:
    # The hostname in the certificate does NOT match 'www.openssl.org'.
    # valid since: Tue Oct 17 00:31:03 CEST 2000
    # expires at: Tue Jan 14 23:31:03 CET 2003
    # fingerprint: 4A:CE:36:44:5F:5A:B4:BB:CC:2B:9D:D5:5E:2F:0E:3A
    # Subject's DN: C=AU,ST=Queensland,O=CryptSoft Pty Ltd,CN=Server test cert (512 bit)
    # Issuer's DN: C=AU,ST=Queensland,O=CryptSoft Pty Ltd,CN=Test CA (1024 bit)

   |<2>| ASSERT: verify.c:221
   |<2>| ASSERT: verify.c:331

   - Peer's certificate issuer is unknown
   - Peer's certificate is NOT trusted
   - Version: TLS 1.0
   - Key Exchange: DHE RSA
   - Cipher: AES 256 CBC
   - MAC: SHA
   - Compression: DEFLATE
   - Handshake was completed

   - Simple Client Mode:

   |<4>| REC[80728e8]: Sending Packet[1] Application Data(23) with length: 6
   |<7>| WRITE: Will write 213 bytes to 5.
   |<7>| WRITE: wrote 213 bytes to 5. Left 0 bytes. Total 213 bytes.
   |<7>| 0000 - 17 03 01 00 d0 aa 9e 1e b7 6e 62 89 29 a4 ea 37
   |<7>| 0001 - 75 39 4c db 2c 48 4c 9d a5 32 10 9c 05 b5 e3 1c
   |<7>| 0002 - dd fb 84 ea ef a8 e8 ae 64 98 20 e5 81 1d 07 e6
   |<7>| 0003 - 2b 99 b3 5d 32 45 02 b8 84 90 29 5b 8e 31 a4 a7
   |<7>| 0004 - 70 16 0f 3f ce f9 4e 03 b2 3f 80 47 48 74 5d 10
   |<7>| 0005 - 70 85 53 81 3c c6 7c 0c 59 82 57 64 1c 88 16 ec
   |<7>| 0006 - 08 12 86 30 4e fc 2a b9 13 06 15 a8 52 45 ed ac
   |<7>| 0007 - e3 5c 6d 01 5e 5d 7b ff 59 ed 1c f6 0f a4 39 c3
   |<7>| 0008 - d2 ed 43 6a d1 4d 26 8a 03 b6 b7 89 7b c1 08 ff
   |<7>| 0009 - ef 10 44 94 b8 97 30 a5 97 d0 24 4e 98 ca 17 25
   |<7>| 000a - aa a8 f3 06 21 6a 79 70 ce 07 b3 ad 82 38 17 80
   |<7>| 000b - 17 d8 a1 f6 16 bf 9b 8e 15 8b 47 4d b5 1d 29 86
   |<7>| 000c - 59 50 86 74 81 0f 8c 42 47 8a 5d f9 3c 02 df 5c



Hollenbeck                                                     [Page 19]

                     RFC 3749 Implementation Report        December 2004


   |<7>| 000d - 04 a5 ed b2 97
   |<4>| REC[80728e8]: Sent Packet[2] Application Data(23) with length: 213
   |<7>| READ: Got 5 bytes from 5
   |<7>| READ: read 5 bytes from 5
   |<7>| 0000 - 17 03 01 00 20
   |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
   |<7>| RB: Requested 5 bytes
   |<4>| REC[80728e8]: Expected Packet[1] Application Data(23) with length: 4096
   |<4>| REC[80728e8]: Received Packet[1] Application Data(23) with length: 32
   |<7>| READ: Got 31 bytes from 5
   |<7>| READ: read 31 bytes from 5
   |<7>| 0000 - 46 91 9e 82 ff dc f3 54 88 10 7f 34 7e 31 67 68
   |<7>| 0001 - a7 53 a8 61 cc 39 76 c0 70 50 bb b5 aa aa b2
   |<7>| RB: Have 5 bytes into buffer. Adding 31 bytes.
   |<7>| RB: Requested 37 bytes
   |<7>| READ: Got 1 bytes from 5
   |<7>| READ: read 1 bytes from 5
   |<7>| 0000 - d6
   |<7>| RB-PEEK: Read 1 bytes in PEEK MODE.
   |<7>| RB-PEEK: Have 36 bytes into buffer. Adding 1 bytes.
   RB: Requested 37 bytes
   |<4>| REC[80728e8]: Decrypted Packet[1] Application Data(23) with length: 0
   |<6>| BUFFER[REC][AD]: Read 0 bytes of Data(23)
   |<7>| READ: Got 1 bytes from 5
   |<7>| READ: read 1 bytes from 5
   |<7>| 0000 - d6
   |<7>| READ: Got 5 bytes from 5
   |<7>| READ: read 5 bytes from 5
   |<7>| 0000 - 17 03 01 04 00
   |<7>| RB: Have 0 bytes into buffer. Adding 5 bytes.
   |<7>| RB: Requested 5 bytes
   |<4>| REC[80728e8]: Expected Packet[2] Application Data(23) with length: 4096
   |<4>| REC[80728e8]: Received Packet[2] Application Data(23) with length: 1024
   |<7>| READ: Got 1023 bytes from 5
   |<7>| READ: read 1023 bytes from 5
   |<7>| 0000 - b0 01 5a 04 d1 6d 7c 6f f0 4f 6a aa a1 c8 4b 97
   |<7>| 0001 - ba 0c be 9f eb 63 91 1b 8a 4e 73 d2 98 a8 43 f3
   |<7>| 0002 - b6 2d 66 65 25 5a 9e 83 32 16 0d 57 db b3 1d 9e
   |<7>| 0003 - af 65 c9 39 a7 64 a0 c1 e8 c1 fc d5 34 d5 6b 66
   |<7>| 0004 - cd 21 6b 4d c2 75 6d c9 71 54 b0 3a 2e 98 1d f9
   |<7>| 0005 - c5 f0 96 4d de 66 12 85 06 e9 a1 0b 69 09 7c d7
   |<7>| 0006 - b3 d2 6e f2 52 0f 88 ee 5d 35 34 17 38 bb 2f f2
   |<7>| 0007 - a1 46 a7 d5 e0 d7 39 4b 4c 77 64 d0 aa 3f 3c 30
   |<7>| 0008 - b3 a3 1a 1e 4a 3f 90 76 15 a3 d8 a7 49 8f d6 29
   |<7>| 0009 - bc f1 23 ea f3 c3 d8 89 e4 6d 8d e0 c6 07 70 a7
   |<7>| 000a - f9 35 79 6b a4 3d d8 45 1b 7d 8f 80 69 09 29 85
   |<7>| 000b - cf 21 f2 ef 72 54 bf e3 be ee 71 9d 8c 62 7d fc
   |<7>| 000c - d3 65 d4 97 82 7d d0 9a cd f6 c8 15 ad f2 8b 95



Hollenbeck                                                     [Page 20]

                     RFC 3749 Implementation Report        December 2004


   |<7>| 000d - 35 ae ea 58 2a 8e 0c 5a 39 09 cf 8e c0 53 5d 82
   |<7>| 000e - ff 3a 74 d4 8f 2d 68 65 36 2e 3b cd 94 df 3c 12
   |<7>| 000f - d7 92 93 4f 65 38 20 5c 35 73 c7 72 cf e4 0e a8
   |<7>| 0010 - 42 8c 00 a8 12 be f1 bf 38 9d 8f 7f a8 20 12 11
   |<7>| 0011 - 34 80 69 35 e6 ec f9 94 02 9c 01 a0 ba 02 93 e0
   |<7>| 0012 - fd ef 74 01 dd 03 73 ad fb 2d 23 38 e3 6f 2e 5d
   |<7>| 0013 - 88 94 ed 4f 05 5c 06 55 3a 88 a4 20 a5 a4 46 a8
   |<7>| 0014 - 02 9b ae 35 ae 80 d8 09 15 d4 4e 9e 60 57 35 8b
   |<7>| 0015 - b5 4b c8 6c a5 3b 05 fe 46 e3 36 13 81 a5 2d 7b
   |<7>| 0016 - e2 93 52 bc 0a ca 3c 60 9f 9f 93 55 98 31 c6 45
   |<7>| 0017 - 6a 9b dd 1b 48 67 a3 81 74 9e 40 3e f4 66 7c ca
   |<7>| 0018 - c0 cf 79 01 21 42 9f c9 4a ed 42 ec af 21 16 5a
   |<7>| 0019 - 64 03 f2 7a 11 f4 0e c4 b0 46 b6 b6 55 12 30 5d
   |<7>| 001a - cc 49 bf ba 4c 24 0e 6c 93 f2 1e c9 c4 dc 93 9d
   |<7>| 001b - b9 23 37 a3 1d 70 2e 8c 58 a4 8b 52 85 14 ee 0d
   |<7>| 001c - eb 1a ab c3 a8 3f 40 a1 89 44 06 75 b6 e5 6b 19
   |<7>| 001d - 54 9f 9e c6 6c d1 b4 88 b5 72 eb 17 d2 1a 8d 12
   |<7>| 001e - 1b 52 85 a9 b6 0e dc ef ee 6f fb c3 a5 d5 b9 49
   |<7>| 001f - 45 fe 83 4c 29 8d 05 95 c9 47 c1 e7 69 62 0b d4
   |<7>| 0020 - 98 62 2d d1 3b 26 e8 88 36 63 0a 4b 1c 19 2b 69
   |<7>| 0021 - e0 e1 a7 24 ef db a0 ce dd 63 cf ca e1 af 17 ee
   |<7>| 0022 - 1b 8c 89 93 ac 3b 03 0b d8 1b c8 36 07 30 83 bc
   |<7>| 0023 - ca 52 8e a1 d8 89 c2 96 a3 03 4a 57 1d 15 db 5c
   |<7>| 0024 - e4 3e d0 3d a3 44 07 cc 7d 69 7a f1 ee d1 64 1f
   |<7>| 0025 - ae a9 2d fe 65 28 94 0d 13 a2 6a 6d bc 7b 30 52
   |<7>| 0026 - b7 75 0f 28 85 23 27 5e 0d 2e c8 f7 9f 09 34 31
   |<7>| 0027 - 30 b5 fc 54 8d 6f c6 86 c1 5d 9a 06 87 86 35 a1
   |<7>| 0028 - b2 f0 77 52 b8 56 2f 21 bf 00 4e 47 a2 87 9e 1c
   |<7>| 0029 - 90 2a 41 7b d2 d3 da 2b 22 73 88 32 11 e0 be 0c
   |<7>| 002a - 80 5a 1f 04 c0 16 77 64 f8 d3 cd c8 45 8a b3 88
   |<7>| 002b - e9 84 97 e6 28 55 05 83 76 95 be d1 a2 26 23 19
   |<7>| 002c - 28 6e a5 7b 9b 3e 73 65 fa 86 bb ad 48 c1 8d e3
   |<7>| 002d - 5a 49 5f 57 02 56 5b b5 be 90 c6 90 4b a3 eb e5
   |<7>| 002e - 6f 47 f2 de a9 10 e2 bb 61 84 91 74 d2 77 63 77
   |<7>| 002f - cc df 66 a7 26 8e 8b ae db 23 24 26 4f 8b c4 79
   |<7>| 0030 - 9d 76 95 e5 1b 83 9b b4 de fd d1 69 bb 26 ff 13
   |<7>| 0031 - e4 f7 c9 44 fa 02 3b e6 d1 97 a6 bf 4e a2 12 8b
   |<7>| 0032 - 0b b7 66 3e ec 1b 3f 6c 99 25 36 db f1 ad 59 45
   |<7>| 0033 - 24 45 37 ab f7 50 d8 80 9b eb 16 53 35 5b 6e 7a
   |<7>| 0034 - aa 66 38 da a9 46 ea ac a8 47 89 30 41 83 b9 0b
   |<7>| 0035 - 66 90 9f 90 1c b7 93 d4 f0 f3 40 36 97 47 6f 78
   |<7>| 0036 - 8a 23 a7 b6 93 b9 7d a3 d3 2a e1 58 5b 0c 65 1c
   |<7>| 0037 - 22 c8 c9 c2 11 d7 0d 42 bd 67 63 06 66 f7 8f 7a
   |<7>| 0038 - ae 0c 39 93 cc 5e 4f 04 dc c1 0b 79 1e 12 d7 41
   |<7>| 0039 - d1 ed 43 64 0f 86 38 90 61 ff 65 42 97 4a 1f b5
   |<7>| 003a - d7 2c d6 8a 43 b2 84 08 91 33 a8 8f 40 12 2a 5c
   |<7>| 003b - b9 62 2e db f8 e4 8e 4d 3e f5 52 4e b0 63 ea d1
   |<7>| 003c - 5f de 3b e0 e3 b6 7f f9 a8 dd 4d 42 2a 97 81 0d



Hollenbeck                                                     [Page 21]

                     RFC 3749 Implementation Report        December 2004


   |<7>| 003d - 21 a6 40 c7 c8 7d 38 0a fa 61 1b 39 c3 c6 5e 5a
   |<7>| 003e - 9a 07 84 9c a3 40 6d 79 96 86 0e c1 df 98 cb ab
   |<7>| 003f - e7 1b 28 4b 50 63 b5 bf 4a c9 2c 41 b2 8f de
   |<7>| RB: Have 5 bytes into buffer. Adding 1023 bytes.
   |<7>| RB: Requested 1029 bytes
   |<7>| READ: Got 1 bytes from 5
   |<7>| READ: read 1 bytes from 5
   |<7>| 0000 - 45
   |<7>| RB-PEEK: Read 1 bytes in PEEK MODE.
   |<7>| RB-PEEK: Have 1028 bytes into buffer. Adding 1 bytes.
   RB: Requested 1029 bytes
   |<4>| REC[80728e8]: Decrypted Packet[2] Application Data(23) with length: 3248
   |<6>| BUF[REC]: Inserted 3248 bytes of Data(23)
   |<6>| BUFFER[REC][AD]: Read 3248 bytes of Data(23)
   |<7>| READ: Got 1 bytes from 5
   |<7>| READ: read 1 bytes from 5
   |<7>| 0000 - 45
   HTTP/1.0 200 ok
   Content-type: text/html

   


s_server -port 5678 -www
   Ciphers supported in s_server binary
   TLSv1/SSLv3:DHE-RSA-AES256-SHA       TLSv1/SSLv3:DHE-DSS-AES256-SHA
   TLSv1/SSLv3:AES256-SHA               TLSv1/SSLv3:EDH-RSA-DES-CBC3-SHA
   TLSv1/SSLv3:EDH-DSS-DES-CBC3-SHA     TLSv1/SSLv3:DES-CBC3-SHA
   SSLv2      :DES-CBC3-MD5             TLSv1/SSLv3:DHE-RSA-AES128-SHA
   TLSv1/SSLv3:DHE-DSS-AES128-SHA       TLSv1/SSLv3:AES128-SHA
   TLSv1/SSLv3:IDEA-CBC-SHA             SSLv2      :IDEA-CBC-MD5
   SSLv2      :RC2-CBC-MD5              TLSv1/SSLv3:DHE-DSS-RC4-SHA
   TLSv1/SSLv3:RC4-SHA                  TLSv1/SSLv3:RC4-MD5
   SSLv2      :RC4-MD5                  SSLv2      :RC4-64-MD5
   TLSv1/SSLv3:EXP1024-DHE-DSS-DES-CBC-SHATLSv1/SSLv3:EXP1024-DES-CBC-SHA
   TLSv1/SSLv3:EXP1024-RC2-CBC-MD5      TLSv1/SSLv3:EDH-RSA-DES-CBC-SHA
   TLSv1/SSLv3:EDH-DSS-DES-CBC-SHA      TLSv1/SSLv3:DES-CBC-SHA
   SSLv2      :DES-CBC-MD5              TLSv1/SSLv3:EXP1024-DHE-DSS-RC4-SHA
   TLSv1/SSLv3:EXP1024-RC4-SHA          TLSv1/SSLv3:EXP1024-RC4-MD5
   TLSv1/SSLv3:EXP-EDH-RSA-DES-CBC-SHA  TLSv1/SSLv3:EXP-EDH-DSS-DES-CBC-SHA
   TLSv1/SSLv3:EXP-DES-CBC-SHA          TLSv1/SSLv3:EXP-RC2-CBC-MD5
   SSLv2      :EXP-RC2-CBC-MD5          TLSv1/SSLv3:EXP-RC4-MD5
   SSLv2      :EXP-RC4-MD5
   ---
   Ciphers common between both SSL end points:
   DHE-RSA-AES256-SHA         DHE-RSA-AES128-SHA         ECDHE-RSA-AES128-SHA
   EDH-RSA-DES-CBC3-SHA       ECDHE-ECDSA-AES128-SHA     DHE-DSS-AES256-SHA
   DHE-DSS-AES128-SHA         EDH-DSS-DES-CBC3-SHA       DHE-DSS-RC4-SHA



Hollenbeck                                                     [Page 22]

                     RFC 3749 Implementation Report        December 2004


   AES256-SHA                 AES128-SHA                 DES-CBC3-SHA
   RC4-SHA                    RC4-MD5                    AECDH-DES-CBC-SHA
   EXP-ECDH-RSA-RC4-56-SHA    ECDH-RSA-AES128-SHA        AECDH-DES-CBC3-SHA
   AECDH-NULL-SHA             ECDH-RSA-AES256-SHA        AECDH-RC4-SHA
   EXP-ECDH-RSA-RC4-40-SHA    ECDH-RSA-DES-CBC3-SHA      EXP-RC4-MD5
   ADH-AES256-SHA             ADH-AES128-SHA             ADH-DES-CBC3-SHA
   ADH-RC4-MD5
   ---
   New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
   Compression: zlib compression
   Expansion: zlib compression
   SSL-Session:
       Protocol  : TLSv1
       Cipher    : DHE-RSA-AES256-SHA
       Session-ID: E73FC8D5C78D81D08EC61A7EB98D182BB5093B2012800093B57151EDE3566316
       Session-ID-ctx: 01000000
       Master-Key: 72A4D384420310BD3A78772B9CBFEA2435A90EDCE44638891CCB6F10423982BD82EC5C9A8158785957DEC9814FE44778
       Key-Arg   : None
      Compression: 1 (zlib compression)
       Start Time: 1103045580
       Timeout   : 300 (sec)
       Verify return code: 0 (ok)
   ---
     16 items in the session cache
      0 client connects (SSL_connect())
      0 client renegotiates (SSL_connect())
      0 client connects that finished
     20 server accepts (SSL_accept())
      0 server renegotiates (SSL_accept())
     18 server accepts that finished
      2 session cache hits
      1 session cache misses
      0 session cache timeouts
      0 callback cache hits
      0 cache full overflows (128 allowed)
   ---
   no client certificate available
   

|<4>| REC: Sending Alert[1|0] - Close notify
   |<4>| REC[80728e8]: Sending Packet[2] Alert(21) with length: 2
   |<7>| WRITE: Will write 69 bytes to 5.
   |<7>| WRITE: wrote 69 bytes to 5. Left 0 bytes. Total 69 bytes.
   |<7>| 0000 - 15 03 01 00 40 64 8d 52 7f 2a 9d 94 c0 26 04 c5
   |<7>| 0001 - 4d 7c 81 ac 66 af f8 d9 46 83 7c c6 96 dc 54 6b
   |<7>| 0002 - 3a 9e 0c c2 da 61 2a d9 22 28 6c 84 4f 33 44 e6
   |<7>| 0003 - 63 de 1a b4 c4 cd 74 c6 8b 00 26 cb 66 46 e1 ba
   |<7>| 0004 - aa 18 69 60 e4



Hollenbeck                                                     [Page 23]

                     RFC 3749 Implementation Report        December 2004


   |<4>| REC[80728e8]: Sent Packet[3] Alert(21) with length: 69
   |<7>| READ: Got 0 bytes from 5
   |<7>| READ: read 0 bytes from 5
   |<7>| 0000 -
   |<2>| ASSERT: gnutls_buffers.c:501
   |<2>| ASSERT: gnutls_record.c:793
   jas@latte:~$
   ******************** END LOG ********************

        Figure 2: GnuTLS 1.1.23 Client, OpenSSL 0.9.8-dev Server


4.  OpenSSL Log

   This log describes a TLS session between an OpenSSL client and a
   GnuTLS server.  The server uses GnuTLS version 1.0.16 as shipped with
   Debian GNU/Linux.  The client uses OpenSSL version 0.9.8-dev, the
   unreleased development version current as of 14 December 2004.

   ******************** BEGIN LOG ********************

   CONNECTED(00000003)
   write to 0x8d6ba60 [0x8d75908] (103 bytes => 103 (0x67))
   0000 - 16 03 01 00 62 01 00 00-5e 03 01 41 bf 2f f1 00   ....b...^..A./..
   0010 - 3a 0f fb 4e c3 4c fc 80-30 72 7e 56 9f 0d bd 30   :..N.L..0r~V...0
   0020 - 3c cf d0 13 b6 dc e0 1c-02 b4 6f 00 00 36 00 39   <.........o..6.9
   0030 - 00 38 00 35 00 16 00 13-00 0a 00 33 00 32 00 2f   .8.5.......3.2./
   0040 - 00 07 00 66 00 05 00 04-00 63 00 62 00 61 00 15   ...f.....c.b.a..
   0050 - 00 12 00 09 00 65 00 64-00 60 00 14 00 11 00 08   .....e.d.`......
   0060 - 00 06 00 03 02 01                                 ......
   0067 - 
read from 0x8d6ba60 [0x8d710d0] (5 bytes => 5 (0x5))
   0000 - 16 03 01 00 4a                                    ....J
   read from 0x8d6ba60 [0x8d710d5] (74 bytes => 74 (0x4A))
   0000 - 02 00 00 46 03 01 41 bf-2f f6 94 b2 eb 12 77 cb   ...F..A./.....w.
   0010 - 1e 3b 99 52 d6 74 44 fa-d9 5e 43 6d 71 ab 69 67   .;.R.tD..^Cmq.ig
   0020 - c2 36 57 68 6a eb 20 9e-3e 0f 56 cb 55 c1 30 7c   .6Whj. .>.V.U.0|
   0030 - f1 80 4b 83 9f 87 3c e1-4f 1b e7 df 55 9d 6c 41   ..K...<.O...U.lA
   0040 - 01 c5 9f c2 35 76 77 00-16 01                     ....5vw...
   read from 0x8d6ba60 [0x8d710d0] (5 bytes => 5 (0x5))
   0000 - 16 03 01 03 18                                    .....
   read from 0x8d6ba60 [0x8d710d5] (792 bytes => 792 (0x318))
   0000 - 0b 00 03 14 00 03 11 00-03 0e 30 82 03 0a 30 82   ..........0...0.
   0010 - 02 73 a0 03 02 01 02 02-01 08 30 0d 06 09 2a 86   .s........0...*.
   0020 - 48 86 f7 0d 01 01 04 05-00 30 81 94 31 0b 30 09   H........0..1.0.
   0030 - 06 03 55 04 06 13 02 47-52 31 0f 30 0d 06 03 55   ..U....GR1.0...U
   0040 - 04 08 13 06 41 74 74 69-6b 69 31 0f 30 0d 06 03   ....Attiki1.0...
   0050 - 55 04 07 13 06 41 74 68-69 6e 61 31 0f 30 0d 06   U....Athina1.0..



Hollenbeck                                                     [Page 24]

                     RFC 3749 Implementation Report        December 2004


   0060 - 03 55 04 0a 13 06 47 4e-55 54 4c 53 31 14 30 12   .U....GNUTLS1.0.
   0070 - 06 03 55 04 0b 13 0b 47-4e 55 54 4c 53 20 64 65   ..U....GNUTLS de
   0080 - 76 2e 31 17 30 15 06 03-55 04 03 13 0e 47 4e 55   v.1.0...U....GNU
   0090 - 54 4c 53 20 54 45 53 54-20 43 41 31 23 30 21 06   TLS TEST CA1#0!.
   00a0 - 09 2a 86 48 86 f7 0d 01-09 01 16 14 67 6e 75 74   .*.H........gnut
   00b0 - 6c 73 2d 64 65 76 40 67-6e 75 70 67 2e 6f 72 67   ls-dev@gnupg.org
   00c0 - 30 1e 17 0d 30 33 30 36-31 34 30 38 32 37 34 37   0...030614082747
   00d0 - 5a 17 0d 31 33 30 36 31-31 30 38 32 37 34 37 5a   Z..130611082747Z
   00e0 - 30 81 97 31 0b 30 09 06-03 55 04 06 13 02 47 52   0..1.0...U....GR
   00f0 - 31 0f 30 0d 06 03 55 04-08 13 06 41 74 74 69 6b   1.0...U....Attik
   0100 - 69 31 0f 30 0d 06 03 55-04 07 13 06 41 74 68 69   i1.0...U....Athi
   0110 - 6e 61 31 0f 30 0d 06 03-55 04 0a 13 06 47 4e 55   na1.0...U....GNU
   0120 - 54 4c 53 31 1c 30 1a 06-03 55 04 0b 13 13 49 6e   TLS1.0...U....In
   0130 - 73 65 63 75 72 65 20 57-65 62 20 53 65 72 76 65   secure Web Serve
   0140 - 72 31 17 30 15 06 03 55-04 03 13 0e 77 77 77 2e   r1.0...U....www.
   0150 - 67 6e 75 74 6c 73 2e 6f-72 67 31 1e 30 1c 06 09   gnutls.org1.0...
   0160 - 2a 86 48 86 f7 0d 01 09-01 16 0f 6e 6d 61 76 40   *.H........nmav@
   0170 - 67 6e 75 74 6c 73 2e 6f-72 67 30 81 9f 30 0d 06   gnutls.org0..0..
   0180 - 09 2a 86 48 86 f7 0d 01-01 01 05 00 03 81 8d 00   .*.H............
   0190 - 30 81 89 02 81 81 00 f2-7d ba bc cc f0 f5 ac 41   0.......}......A
   01a0 - 00 78 61 29 65 ec a7 57-21 61 cc 1b 44 88 dd de   .xa)e..W!a..D...
   01b0 - 01 cf 4b 03 15 ad 30 4c-c1 98 8c 20 ac a0 08 2f   ..K...0L... .../
   01c0 - 58 83 fd 73 f9 c6 88 3f-ae ce f4 2a c5 b1 66 be   X..s...?...*..f.
   01d0 - ce b8 5f 46 d2 71 a8 a8-ab 17 e3 04 53 c2 50 4c   .._F.q......S.PL
   01e0 - 7a 28 bb 27 a4 94 85 5b-ab 8e b9 74 5c 2e 94 de   z(.'...[...t\...
   01f0 - 4c 47 b8 87 6e 79 69 43-9a cb 29 12 4a 93 42 30   LG..nyiC..).J.B0
   0200 - 62 f3 5d 84 02 40 01 d6-0a d3 2f 5b 41 c6 07 e9   b.]..@..../[A...
   0210 - aa 5e 81 d0 18 5f 23 02-03 01 00 01 a3 67 30 65   .^..._#......g0e
   0220 - 30 1f 06 03 55 1d 23 04-18 30 16 80 14 ef ee 94   0...U.#..0......
   0230 - ab c8 ca 57 7f 53 13 db-76 dc 1a 95 00 93 ba f3   ...W.S..v.......
   0240 - c9 30 34 06 03 55 1d 25-04 2d 30 2b 06 08 2b 06   .04..U.%.-0+..+.
   0250 - 01 05 05 07 03 01 06 08-2b 06 01 05 05 07 03 02   ........+.......
   0260 - 06 0a 2b 06 01 04 01 82-37 0a 03 03 06 09 60 86   ..+.....7.....`.
   0270 - 48 01 86 f8 42 04 01 30-0c 06 03 55 1d 13 01 01   H...B..0...U....
   0280 - ff 04 02 30 00 30 0d 06-09 2a 86 48 86 f7 0d 01   ...0.0...*.H....
   0290 - 01 04 05 00 03 81 81 00-b3 6c db 24 6a 14 c8 bc   .........l.$j...
   02a0 - ca 1f a0 9c 11 bb 8e c8-8c 94 14 d0 4e 62 98 01   ............Nb..
   02b0 - 36 7f 81 3b 5d c1 95 6f-17 4a 2b bf 30 15 78 6a   6..;]..o.J+.0.xj
   02c0 - 08 14 a3 df c0 29 c9 fb-a8 91 78 7f 7f 20 4c 9f   .....)....x.. L.
   02d0 - 43 26 2d 35 f0 0d 99 38-3a c9 d3 a9 79 ee 7d ff   C&-5...8:...y.}.
   02e0 - 64 ea 21 47 ec 54 5c ff-53 7e fd 9f 54 35 2f b5   d.!G.T\.S~..T5/.
   02f0 - 58 b0 7d cf fa 5d 65 1b-88 03 17 49 0e a1 ab ec   X.}..]e....I....
   0300 - 77 81 5c f0 4c 6c 25 2b-35 66 90 34 28 05 52 51   w.\.Ll%+5f.4(.RQ
   0310 - a1 7e 87 c2 71 f6 2f 1f-                          .~..q./.
   read from 0x8d6ba60 [0x8d710d0] (5 bytes => 5 (0x5))
   0000 - 16 03 01 01 4d                                    ....M
   read from 0x8d6ba60 [0x8d710d5] (333 bytes => 333 (0x14D))
   0000 - 0c 00 01 49 00 60 b5 66-d4 12 8c 4f 97 02 93 4c   ...I.`.f...O...L



Hollenbeck                                                     [Page 25]

                     RFC 3749 Implementation Report        December 2004


   0010 - 75 38 77 f5 25 4d c8 58-af d4 bb e0 3a 53 30 58   u8w.%M.X....:S0X
   0020 - 28 44 81 15 f7 2d 9c 3f-25 41 a9 41 3a 56 f6 01   (D...-.?%A.A:V..
   0030 - 17 67 3c 7f 13 24 6e fb-95 9b a6 96 ee 19 de a2   .g<..$n.........
   0040 - b4 c8 90 0d ab 71 87 a1-92 8b a9 6c b5 da b3 5f   .....q.....l..._
   0050 - b3 df 8a ed e1 f4 d3 60-49 ee 41 e2 15 b8 65 4f   .......`I.A...eO
   0060 - 52 64 04 1f 3c ff 00 01-05 00 60 3a 3e e6 00 86   Rd..<.....`:>...
   0070 - 3f 6f 32 02 b1 65 82 6a-41 68 14 52 6a 29 f3 ab   ?o2..e.jAh.Rj)..
   0080 - a1 c0 32 6c e3 51 02 0f-dc 81 f0 30 67 24 48 ab   ..2l.Q.....0g$H.
   0090 - 27 77 a5 aa 34 bc e6 65-17 f7 93 26 fe c6 1b 1c   'w..4..e...&....
   00a0 - 2b e6 3d d3 21 9e fa ef-d4 ba c8 31 b6 24 c2 31   +.=.!......1.$.1
   00b0 - 98 ac 03 e7 11 ef 24 76-40 d3 b5 6a 68 11 6d 0c   ......$v@..jh.m.
   00c0 - 70 74 41 af 88 a5 76 79-c2 2b 2e 00 80 a3 bb 97   ptA...vy.+......
   00d0 - 40 54 2c 44 50 82 28 00-f2 d8 39 11 aa 5a 55 16   @T,DP.(...9..ZU.
   00e0 - e5 62 0c 3a ff ec a8 dc-54 b6 d3 69 c8 c6 07 9d   .b.:....T..i....
   00f0 - ad e5 3f 36 89 93 6d 97-33 96 10 a1 05 86 29 45   ..?6..m.3.....)E
   0100 - 47 2a aa 44 b9 bc ae b7-53 d0 9e b7 c0 f2 a9 0f   G*.D....S.......
   0110 - b7 92 27 b7 9c 8f 0b 00-00 83 ab ab 03 69 ff 8f   ..'..........i..
   0120 - 76 34 b4 fc d4 f7 ec 68-d3 87 f0 f2 ac b9 8e f9   v4.....h........
   0130 - 45 dc b9 48 a0 c0 28 fc-3b 2a f6 87 ff 9d d8 92   E..H..(.;*......
   0140 - f7 88 83 03 eb e3 b3 c8-51 8f fe 1d 35            ........Q...5
   read from 0x8d6ba60 [0x8d710d0] (5 bytes => 5 (0x5))
   0000 - 16 03 01 00 a2                                    .....
   read from 0x8d6ba60 [0x8d710d5] (162 bytes => 149 (0x95))
   0000 - 0d 00 00 9e 02 01 02 00-99 00 97 30 81 94 31 0b   ...........0..1.
   0010 - 30 09 06 03 55 04 06 13-02 47 52 31 0f 30 0d 06   0...U....GR1.0..
   0020 - 03 55 04 08 13 06 41 74-74 69 6b 69 31 0f 30 0d   .U....Attiki1.0.
   0030 - 06 03 55 04 07 13 06 41-74 68 69 6e 61 31 0f 30   ..U....Athina1.0
   0040 - 0d 06 03 55 04 0a 13 06-47 4e 55 54 4c 53 31 14   ...U....GNUTLS1.
   0050 - 30 12 06 03 55 04 0b 13-0b 47 4e 55 54 4c 53 20   0...U....GNUTLS
   0060 - 64 65 76 2e 31 17 30 15-06 03 55 04 03 13 0e 47   dev.1.0...U....G
   0070 - 4e 55 54 4c 53 20 54 45-53 54 20 43 41 31 23 30   NUTLS TEST CA1#0
   0080 - 21 06 09 2a 86 48 86 f7-0d 01 09 01 16 14 67 6e   !..*.H........gn
   0090 - 75 74 6c 73 2d                                    utls-
   read from 0x8d6ba60 [0x8d7116a] (13 bytes => 13 (0xD))
   0000 - 64 65 76 40 67 6e 75 70-67 2e 6f 72 67            dev@gnupg.org
   read from 0x8d6ba60 [0x8d710d0] (5 bytes => 5 (0x5))
   0000 - 16 03 01 00 04                                    .....
   read from 0x8d6ba60 [0x8d710d5] (4 bytes => 4 (0x4))
   0000 - 0e                                                .
   0004 - 
write to 0x8d6ba60 [0x8d7b340] (12 bytes => 12 (0xC))
   0000 - 16 03 01 00 07 0b 00 00-03                        .........
   000c - 
write to 0x8d6ba60 [0x8d7b340] (107 bytes => 107 (0x6B))
   0000 - 16 03 01 00 66 10 00 00-62 00 60 63 a8 d7 59 38   ....f...b.`c..Y8
   0010 - 8c 9c fb 15 a4 57 29 31-c4 ab 28 e5 64 26 5a af   .....W)1..(.d&Z.
   0020 - 4c b2 7a fd 7b dd 14 28-e3 a9 51 c9 b7 fe dd f8   L.z.{..(..Q.....
   0030 - dd ac 48 36 40 60 68 30-1b 10 11 23 56 48 95 27   ..H6@`h0...#VH.'



Hollenbeck                                                     [Page 26]

                     RFC 3749 Implementation Report        December 2004


   0040 - de a7 95 97 71 be 12 e8-ff 26 6a 06 f0 1a dc a2   ....q....&j.....
   0050 - 94 a3 41 5f 49 63 6b 5f-8c ac 8b d2 13 2c 60 d4   ..A_Ick_.....,`.
   0060 - a8 93 e3 b3 f4 2f 41 08-41 5f 41                  ...../A.A_A
   write to 0x8d6ba60 [0x8d7b340] (6 bytes => 6 (0x6))
   0000 - 14 03 01 00 01 01                                 ......
   write to 0x8d6ba60 [0x8d7b340] (53 bytes => 53 (0x35))
   0000 - 16 03 01 00 30 70 5a d9-36 13 18 4a 04 63 cf 55   ....0pZ.6..J.c.U
   0010 - ce e2 99 0f 46 03 66 42-c3 cd 64 51 4a ee 83 35   ....F.fB..dQJ..5
   0020 - 57 93 5d bc 7a 6c b5 f0-90 58 30 0c 4d 1a cc 15   W.].zl...X0.M...
   0030 - 4a f5 28 c0 c0                                    J.(..
   read from 0x8d6ba60 [0x8d710d0] (5 bytes => 5 (0x5))
   0000 - 14 03 01 00 01                                    .....
   read from 0x8d6ba60 [0x8d710d5] (1 bytes => 1 (0x1))
   0000 - 01                                                .
   read from 0x8d6ba60 [0x8d710d0] (5 bytes => 5 (0x5))
   0000 - 16 03 01 00 38                                    ....8
   read from 0x8d6ba60 [0x8d710d5] (56 bytes => 56 (0x38))
   0000 - 51 df 1d 79 bf 32 34 45-5d 4c 2d 7c 24 13 39 01   Q..y.24E]L-|$.9.
   0010 - d7 1a df 34 ae 06 f2 d3-e5 08 b8 d0 bb 74 cc da   ...4.........t..
   0020 - 17 7d 39 51 5e 77 c0 a9-d9 9c cd a2 fe 60 b2 3a   .}9Q^w.......`.:
   0030 - 8f a7 56 b8 36 9f 3c ec-                          ..V.6.<.
   ---
   Certificate chain
    0 s:/C=GR/ST=Attiki/L=Athina/O=GNUTLS/OU=Insecure Web Server/CN=www.gnutls.org/emailAddress=nmav@gnutls.org
      i:/C=GR/ST=Attiki/L=Athina/O=GNUTLS/OU=GNUTLS dev./CN=GNUTLS TEST CA/emailAddress=gnutls-dev@gnupg.org
   ---
   Server certificate
   -----BEGIN CERTIFICATE-----
   MIIDCjCCAnOgAwIBAgIBCDANBgkqhkiG9w0BAQQFADCBlDELMAkGA1UEBhMCR1Ix
   DzANBgNVBAgTBkF0dGlraTEPMA0GA1UEBxMGQXRoaW5hMQ8wDQYDVQQKEwZHTlVU
   TFMxFDASBgNVBAsTC0dOVVRMUyBkZXYuMRcwFQYDVQQDEw5HTlVUTFMgVEVTVCBD
   QTEjMCEGCSqGSIb3DQEJARYUZ251dGxzLWRldkBnbnVwZy5vcmcwHhcNMDMwNjE0
   MDgyNzQ3WhcNMTMwNjExMDgyNzQ3WjCBlzELMAkGA1UEBhMCR1IxDzANBgNVBAgT
   BkF0dGlraTEPMA0GA1UEBxMGQXRoaW5hMQ8wDQYDVQQKEwZHTlVUTFMxHDAaBgNV
   BAsTE0luc2VjdXJlIFdlYiBTZXJ2ZXIxFzAVBgNVBAMTDnd3dy5nbnV0bHMub3Jn
   MR4wHAYJKoZIhvcNAQkBFg9ubWF2QGdudXRscy5vcmcwgZ8wDQYJKoZIhvcNAQEB
   BQADgY0AMIGJAoGBAPJ9urzM8PWsQQB4YSll7KdXIWHMG0SI3d4Bz0sDFa0wTMGY
   jCCsoAgvWIP9c/nGiD+uzvQqxbFmvs64X0bScaioqxfjBFPCUEx6KLsnpJSFW6uO
   uXRcLpTeTEe4h255aUOayykSSpNCMGLzXYQCQAHWCtMvW0HGB+mqXoHQGF8jAgMB
   AAGjZzBlMB8GA1UdIwQYMBaAFO/ulKvIyld/UxPbdtwalQCTuvPJMDQGA1UdJQQt
   MCsGCCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMAwG
   A1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEEBQADgYEAs2zbJGoUyLzKH6CcEbuOyIyU
   FNBOYpgBNn+BO13BlW8XSiu/MBV4aggUo9/AKcn7qJF4f38gTJ9DJi018A2ZODrJ
   06l57n3/ZOohR+xUXP9Tfv2fVDUvtViwfc/6XWUbiAMXSQ6hq+x3gVzwTGwlKzVm
   kDQoBVJRoX6HwnH2Lx8=
   -----END CERTIFICATE-----
   subject=/C=GR/ST=Attiki/L=Athina/O=GNUTLS/OU=Insecure Web Server/CN=www.gnutls.org/emailAddress=nmav@gnutls.org
   issuer=/C=GR/ST=Attiki/L=Athina/O=GNUTLS/OU=GNUTLS dev./CN=GNUTLS TEST CA/emailAddress=gnutls-dev@gnupg.org



Hollenbeck                                                     [Page 27]

                     RFC 3749 Implementation Report        December 2004


   ---
   Acceptable client certificate CA names
   /C=GR/ST=Attiki/L=Athina/O=GNUTLS/OU=GNUTLS dev./CN=GNUTLS TEST CA/emailAddress=gnutls-dev@gnupg.org
   ---
   SSL handshake has read 1457 bytes and written 281 bytes
   ---
   New, TLSv1/SSLv3, Cipher is EDH-RSA-DES-CBC3-SHA
   Server public key is 1024 bit
   Compression: zlib compression
   Expansion: zlib compression
   SSL-Session:
       Protocol  : TLSv1
       Cipher    : EDH-RSA-DES-CBC3-SHA
       Session-ID: 9E3E0F56CB55C1307CF1804B839F873CE14F1BE7DF559D6C4101C59FC2357677
       Session-ID-ctx:
       Master-Key: 1D452CA8695895D2C4FEE7F33AFE67F948767ECA4097F768D0981A3847FB24B2A41C6D25969DAFF78570D6E8B0BC7A59
       Key-Arg   : None
       Compression: 1 (zlib compression)
       Start Time: 1103048689
       Timeout   : 7200 (sec)
       Verify return code: 21 (unable to verify the first certificate)
   ---
   write to 0x8d6ba60 [0x8d75908] (74 bytes => 74 (0x4A))
   0000 - 17 03 01 00 18 8d de 1a-a2 04 14 4c 3c ac de a8   ...........L<...
   0010 - cf f6 90 62 df 31 76 09-a6 75 50 c5 71 17 03 01   ...b.1v..uP.q...
   0020 - 00 28 54 bd 4f a3 ea 5f-c8 23 f7 f4 ff ea cd f1   .(T.O.._.#......
   0030 - b5 60 94 bb bb 81 79 33-02 98 2a 01 6c 20 a7 af   .`....y3..*.l ..
   0040 - fa e3 4e ec 89 7e a3 69-4d cf                     ..N..~.iM.
   read from 0x8d6ba60 [0x8d710d0] (5 bytes => 5 (0x5))
   0000 - 17 03 01 03 c8                                    .....
   read from 0x8d6ba60 [0x8d710d5] (968 bytes => 968 (0x3C8))
   0000 - 31 bb ac fc c5 5e eb 23-a6 40 98 70 b6 de 19 2d   1....^.#.@.p...-
   0010 - 76 ca 89 59 2e dc 24 2a-f0 db eb dd b3 11 5f d0   v..Y..$*......_.
   0020 - 91 84 b4 c6 7e dc c5 c2-76 89 aa 06 f8 8a 90 e4   ....~...v.......
   0030 - 6d 04 6e 32 4c 06 f9 63-f1 85 63 a8 f5 ee 85 c7   m.n2L..c..c.....
   0040 - 60 29 68 6b 10 db ad f5-66 ea fa 2f 74 a1 14 1f   `)hk....f../t...
   0050 - a7 f7 d7 fc d3 d4 f3 bb-d1 7d e1 a0 cf 3a 73 33   .........}...:s3
   0060 - 81 0e b9 f2 80 3f 98 02-96 fc 33 75 56 f1 5b ee   .....?....3uV.[.
   0070 - 48 2f f1 71 8d c0 59 4e-47 83 fb 48 21 01 52 33   H/.q..YNG..H!.R3
   0080 - 86 03 0a a0 4e 15 75 b6-0a 7b 5c 65 d5 47 a4 78   ....N.u..{\e.G.x
   0090 - d0 ae f3 cb 92 4e ba fd-b3 dc 28 f5 de 89 c6 10   .....N....(.....
   00a0 - 6c d6 18 8a 5a bc b8 ad-5d 28 01 55 3b ff 15 d7   l...Z...](.U;...
   00b0 - 0e 0a 74 40 1e 4a 80 c5-19 5a ee f5 be 5c 83 73   ..t@.J...Z...\.s
   00c0 - e1 ac 57 bd f2 c2 d5 3b-cd 8a 31 0a 97 b8 7f ae   ..W....;..1.....
   00d0 - b2 7e f9 6b e1 0c 6a 3a-d8 af cf 6d 6e 28 ce c3   .~.k..j:...mn(..
   00e0 - 87 d8 63 63 28 0c 80 b1-97 51 a6 d8 76 1f 55 aa   ..cc(....Q..v.U.
   00f0 - e7 0b aa 98 b7 d3 c2 75-c8 a4 f2 2e 0c 76 cd 9b   .......u.....v..
   0100 - 4d 93 47 e1 3f 74 49 65-13 8e 4e 7f ad cd 35 f8   M.G.?tIe..N...5.



Hollenbeck                                                     [Page 28]

                     RFC 3749 Implementation Report        December 2004


   0110 - 2c b1 c7 80 b0 2e c5 8d-fe 60 48 d9 2d 8d f7 1a   ,........`H.-...
   0120 - 3f 1a 39 07 7f e4 a1 a0-c8 f9 2c da ba c0 60 d6   ?.9.......,...`.
   0130 - 68 22 c3 ef b4 2c ad b8-1e bd a1 4b 11 72 1b b4   h"...,.....K.r..
   0140 - e3 97 46 5d ab 09 f0 b4-92 db c3 47 f5 32 eb 3c   ..F].......G.2.<
0150 - 56 8a 82 35 77 22 a4 7f-58 8d b3 ce 1b 08 18 8b   V..5w"..X.......
   0160 - 69 c8 ef 31 0b ea 64 31-f6 c9 d2 d7 4a 23 99 d5   i..1..d1....J#..
   0170 - d9 fe 4f f9 a8 e3 16 63-2c 84 10 20 e7 5b f8 a8   ..O....c,.. .[..
   0180 - 29 ff 73 ba 67 81 17 4e-ac 6a 41 95 65 6f fc 7b   ).s.g..N.jA.eo.{
   0190 - 10 79 0e e9 08 ca ee 46-75 47 36 7c 7f 6d db 20   .y.....FuG6|.m.
   01a0 - 1d cd f4 38 67 e5 88 51-76 ba b1 59 15 57 16 52   ...8g..Qv..Y.W.R
   01b0 - 1a 3c 98 28 16 ca 7a 4c-b8 f1 45 f5 0d 78 0f 29   .<.(..zL..E..x.)
   01c0 - 64 b7 89 42 53 95 f2 bf-65 c5 b3 2e 93 c7 6d f8   d..BS...e.....m.
   01d0 - 01 e7 4f 82 64 70 61 fe-c1 3b 4f 39 39 d6 10 7d   ..O.dpa..;O99..}
   01e0 - 25 87 69 6d 85 9c 29 34-a1 47 99 4e fa 5e 76 32   %.im..)4.G.N.^v2
   01f0 - 6a 04 b3 43 ab bd 7b 59-e0 77 49 ec a4 e0 ce 9e   j..C..{Y.wI.....
   0200 - cd 0b a9 6b e2 35 62 20-ea 41 6c 8d 36 ab df 27   ...k.5b .Al.6..'
   0210 - e5 ff 24 00 36 fb 2f c5-96 ba cb 62 15 6d 89 64   ..$.6./....b.m.d
   0220 - cc 55 93 03 a8 19 b6 59-61 ff e3 e4 18 ce 9f bb   .U.....Ya.......
   0230 - b2 42 43 2d c5 14 74 e4-52 3f 7f f4 0d 10 1c c1   .BC-..t.R?......
   0240 - 7c 39 74 7c 97 2a 7b 2c-28 9e de d1 d5 b9 8a 25   |9t|.*{,(......%
   0250 - b0 30 1f 23 de ea ab ed-8a 83 37 3d 6b 38 b8 cf   .0.#......7=k8..
   0260 - 36 e5 f6 35 8b d0 6d 57-97 55 11 72 5d 92 05 92   6..5..mW.U.r]...
   0270 - 9a ec d7 88 0e 27 28 aa-40 b7 a8 6f 8b 8d 0e f0   .....'(.@..o....
   0280 - 36 fb 01 66 3f 5a df 5f-f3 15 6d 5c fb 63 6d 85   6..f?Z._..m\.cm.
   0290 - 0f 9c 52 18 1b 37 93 85-e2 68 0b 75 76 c8 ee 94   ..R..7...h.uv...
   02a0 - 04 19 39 0a d8 86 ed e0-de 5c 98 85 45 04 da 53   ..9......\..E..S
   02b0 - 6b ca ac cd e0 26 e6 4b-1f 9e a0 c6 f1 a8 18 b4   k....&.K........
   02c0 - 37 2b 7f df 17 a8 f5 d0-2c be b3 b5 31 17 37 d1   7+......,...1.7.
   02d0 - 96 8f ce 25 f4 42 33 ef-c8 f2 9c 25 63 a4 bb ce   ...%.B3....%c...
   02e0 - c7 78 05 03 b9 e8 49 7a-e2 f8 d2 66 e3 ce 8b 7c   .x....Iz...f...|
   02f0 - 42 d7 17 b1 3a f2 f8 68-c4 8e ab 09 05 d3 eb 86   B...:..h........

   


This is Hydra web server using
   GnuTLS






Hello visitor from 80.177.30.10.
   






Hollenbeck                                                     [Page 29]

                     RFC 3749 Implementation Report        December 2004


   



Server version:Hydra/0.1.7


TLS Library version:GnuTLS/1.0.16


Session ID:9e3e0f56cb55c1307cf1804b839f873ce14f1be7df559d6c4101c59fc2357677


Protocol version:TLS 1.0


TLS/SSL cipher suite:DHE_RSA_3DES_EDE_CBC_SHA
Cipher key size:192


Cipher export status:false


Server's certificate DN:C=GR,ST=Attiki,L=Athina,O=GNUTLS,OU=Insecure Web Server,CN=www.gnutls.org,EMAIL=nmav@gnutls.org



Server's certificate activation time:Jun 14  8:27:00 2003 GMT


Server's certificate expiration time:Jun 11  8:27:00 2013 GMT


Server's certificate serial:08


Server's Issuer certificate DN:C=GR,ST=Attiki,L=Athina,O=GNUTLS,OU=GNUTLS dev.,CN=GNUTLS TEST CA,EMAIL=gnutls-dev@gnupg.org



Client's certificate verification status:NONE







If your browser supports session resuming, then you should see the
   same session ID, when you press the reload button.

This server supports the server_name TLS extension and will be printed if
   your browser supports it.





0300 - 7c 09 1f 0c 18 7d 07 f2-20 8f 27 6c 7b 2d 95 25   |....}.. .'l{-.%
   0310 - 26 a3 c0 16 ee c6 ec 89-69 0d 6a 97 d5 78 79 03   &.......i.j..xy.
   0320 - 08 9a 92 e4 e7 0e 8b 65-2a f1 f3 a9 41 f3 61 bf   .......e*...A.a.
   0330 - 17 30 77 3c 9a a2 35 c1-9a 99 d6 13 93 4d 98 4d   .0w<..5......M.M
   0340 - 85 ee f8 75 c7 06 53 dd-94 06 1c 42 63 f0 ce c8   ...u..S....Bc...
   0350 - ac a0 c1 8f 0e f0 cf 08-b6 f5 7a 96 1a 91 b2 a9   ..........z.....
   0360 - f5 15 aa 8b 96 7e 0e bd-b0 df 57 3c 49 a6 6e 44   .....~....W.y.R..Ki..|
   03c0 - 08 12 d1 26 2f 6d 71 91-                          ...&/mq.
   read from 0x8d6ba60 [0x8d710d0] (5 bytes => 5 (0x5))
   0000 - 15 03 01 00 90                                    .....
   read from 0x8d6ba60 [0x8d710d5] (144 bytes => 144 (0x90))
   0000 - 06 23 7c 6b 28 4c 45 2a-5b 0f 55 d1 fa d2 1e a9   .#|k(LE*[.U.....
   0010 - 84 9b 7e 4b 6f 87 98 ca-3d 2f 1a f7 51 45 04 72   ..~Ko...=/..QE.r
   0020 - 14 f2 9a e0 cd 56 55 ad-0f 61 20 11 d9 35 9b 63   .....VU..a ..5.c
   0030 - 42 70 8b 2b f4 c7 dd 13-06 dd 72 ed c8 81 74 55   Bp.+......r...tU
   0040 - 17 04 a7 86 24 9f 80 2d-30 b7 27 89 36 28 91 0f   ....$..-0.'.6(..
   0050 - f3 d5 0e 0b 2f 6c 99 93-fe 70 10 57 50 9a 3a de   ..../l...p.WP.:.
   0060 - 4f 31 e3 92 23 5d c2 4b-8f 36 1b 04 20 53 d4 43   O1..#].K.6.. S.C
   0070 - 6a 0a cb ef 09 84 a1 85-98 b3 18 43 87 40 82 6b   j..........C.@.k
   0080 - 4b e2 6a 64 19 10 da 8d-a3 0d 5a 65 96 e7 cc 66   K.jd......Ze...f
   closed



Hollenbeck                                                     [Page 30]

                     RFC 3749 Implementation Report        December 2004


   write to 0x8d6ba60 [0x8d75908] (37 bytes => 37 (0x25))
   0000 - 15 03 01 00 20 b1 a2 32-d4 86 f1 74 2b bd 4d e4   .... ..2...t+.M.
   0010 - 25 94 04 c3 3f dc 45 f8-c3 f2 12 81 03 b2 05 2a   %...?.E........*
   0020 - 24 94 e7 37 7a                                    $..7z
   ******************** END LOG ********************

        Figure 3: OpenSSL 0.9.8-dev Client, GnuTLS 1.0.16 Server


5.  Acknowledgements

   Dr.  Stephen N.  Henson, Simon Josefsson, and Nikos Mavrogiannopoulos
   provided all of the implementation detail described in this report.

6  References

   [1]  Hollenbeck, S., "Transport Layer Security Protocol Compression
        Methods", RFC 3749, May 2004.

   [2]  Deutsch, P., "DEFLATE Compressed Data Format Specification
        version 1.3", RFC 1951, May 1996.


Author's Address

   Scott Hollenbeck
   VeriSign, Inc.
   21345 Ridgetop Circle
   Dulles, VA  20166-6503
   US

   EMail: shollenbeck@verisign.com



















Hollenbeck                                                     [Page 31]