The process begins with the client sending the server a
client-hello message. This message includes a list of encryption
algorithms that the client is prepared to use and some challenge data
to be used to authenticate the server. The message contains the
following fields:
The session identifier is used to match the current request with a previous one, avoiding the need for repeated authentication and key exchange if two systems communicate frequently. When keys are selected, the server caches them and, if the client provides a session identifier in the client-hello message, the server searches the cache for this session identifier.
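The cache lookup described above, sketched as an added example that is not code from the original page or from any particular SSL implementation. The class and function names, the identifier length, the session lifetime and the cache bound are all assumptions chosen for illustration; the random bytes stand in for keys a real handshake would negotiate.

```python
import secrets
import time
from collections import OrderedDict

SESSION_ID_LEN = 16      # assumption: bytes of random session identifier
SESSION_LIFETIME = 300   # assumption: seconds a cached session stays resumable
MAX_SESSIONS = 1024      # assumption: cache bound so clients cannot exhaust memory


class SessionCache:
    """Server-side cache mapping session identifier -> (master key, expiry)."""

    def __init__(self, now=time.monotonic):
        self._entries = OrderedDict()
        self._now = now

    def store(self, master_key):
        """Cache keys from a completed full handshake; return the new session id."""
        session_id = secrets.token_bytes(SESSION_ID_LEN)
        self._entries[session_id] = (master_key, self._now() + SESSION_LIFETIME)
        while len(self._entries) > MAX_SESSIONS:
            self._entries.popitem(last=False)   # evict the oldest session
        return session_id

    def lookup(self, session_id):
        """Return cached keys for a client-supplied id, or None on miss/expiry."""
        entry = self._entries.get(session_id)
        if entry is None:
            return None
        master_key, expires = entry
        if self._now() >= expires:
            del self._entries[session_id]       # expired: force a full handshake
            return None
        return master_key


def handle_client_hello(cache, session_id):
    """Decide between resuming a cached session and a full handshake."""
    if session_id:                              # empty id means "no prior session"
        master_key = cache.lookup(session_id)
        if master_key is not None:
            return ("resume", session_id, master_key)
    # Miss, expiry or no id: a full authentication and key exchange is needed.
    # The secrets.token_bytes call stands in for the negotiated key (constructed).
    master_key = secrets.token_bytes(32)
    return ("full", cache.store(master_key), master_key)
```

An unknown or expired identifier is never trusted: the server falls back to the full exchange and issues a fresh identifier of its own.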