The server responds to the client hello message with a server hello message that contains the servers certificate and a list of ciphers that both the client and the server are prepared to use.
If the client provided a session identifier and the server found it in its cache the session identifier hit flag will be non-zero and the certificate and cipher list will not be included (the length fields and the certificate type will be 0). The identifier will be returned in the session identifier field.
If a previous session is not found a new, random, identifier will be generated and passed in the session identifier field.
Currently only ITU (nee CCITT) X.509 certificates are supported.