Programming with Sockets
In the third phase of the handshake, the client exchanges a key and calculates a
master secret to encrypt the messages and continue further communications. Client
also sends the request to change the cipher specification that was agreed on the
previous phase. It then indicates to start encrypting the message. The following
screenshot shows this process:
In the final task of the SSL handshake process, a new session ticket is generated by
the server for the client's particular session. This happens due to a TLS extension
where the client advertises its support by sending an empty session ticket extension
in the client Hello message. The server answers with an empty session ticket
extension in its server Hello message. This session ticket mechanism enables the
client to remember the whole session state, and the server becomes less engaged in
maintaining a server-side session cache. The following screenshot shows an example
for presenting an SSL session ticket: