• Phase _?_ depends on the public-key encryption scheme used. The server passes a certificate to the client and, optionally, a request for a certificate from the client.
• The server’s certificate is marked as optional because the connection may only need a DH key exchange without certificates, or may use a previously shared secret key. However, these options are not used in practice; the server’s certificate is almost always exchanged in this phase.
• server_done message, which indicates the end of the server hello messages.
What is Phase 2
• Enveloped data
- Encrypted content and associated keys
• Signed data
- Base-64 encoded (message + signed digest)
• Clear-signed data
- Cleartext message + Base-64 encoded (signed digest)
• Signed and enveloped data
• Signed and encrypted data.
What are the four main functions of S/MIME
Heartbleed exploit attacks this TLS protocol
What is the Heartbeat Protocol
• Binary-to-text encoding scheme that groups binary data into sequences of 24 bits, each represented by a block of four 6-bit Base64 digits.
• Designed to carry binary data across channels that only support text content.
What is Base64 Encoding
• Authentication
• Message integrity
• Non-repudiation of origin (using digital signatures)
• Privacy
• Data security (using encryption)
Features of S/MIME
• Used to convey TLS-related alerts to the peer entity
• Messages are compressed and encrypted, as specified by the current state
• Each message consists of two bytes:
- First byte: takes the value warning(1) or fatal(2) to convey the severity of the message. If the level is fatal, TLS immediately terminates the connection; other connections on the same session may continue, but no new connections on this session may be established.
- Second byte: contains a code that indicates the specific alert, e.g., close_notify to notify the recipient that the sender won’t send any more messages on this connection.
Alert Protocol
• When ________ is used, the following elements of the communication are encrypted:
• Full URL of the requested document (but not the server name, which is needed in the clear for DNS resolution)
• Contents of the document
• Contents of browser forms (filled in by the browser user)
• Cookies sent from browser to server and from server to browser
• Contents of the HTTP headers
HTTPS
Phase _?_: The client verifies the certificate. If it is valid, the client sends messages back to the server, depending on the underlying public-key scheme.
What is Phase 3
Specification for cryptographically signing e-mail messages, permitting a signing domain to claim responsibility for a message in the mail stream
• Enables managing security at the domain level, not the user level.
• Has been widely adopted by almost all e-mail providers
What is DomainKeys Identified Mail (DKIM)
• The lower layer of TLS
• Serves every other protocol in the upper layer
• Provides message confidentiality and message integrity
What is The Record Protocol