Here's the essence of the TLS handshake.
To recap, the client initiates with the server.
We're leaving out all the details about selecting the ciphers
and the extra randomness, which is important for security.
The server sends back a certificate.
The client validates the certificate using a chain of certificates going back
to some root certificate that the client trusts,
selects a random r, and then encrypts r using the public key of the server.
The server can decrypt it, because it knows the corresponding private key.
Then they finish the handshake.
Now the client and server can communicate using those shared symmetric keys.
The protocol to do that is the TLS record protocol.
I may have given the impression earlier that once you've established
symmetric keys, communication is easy and there's nothing left to work out.
That's not the case. We're going to look at the TLS protocol next,
and indeed it does have some vulnerabilities.
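
The handshake recapped above, as an added Python sketch that is not part of the lecture. It assumes the certificate has already been validated, uses a constructed toy RSA key without padding, and uses HMAC-SHA256 as a simplified stand-in for the real TLS key derivation and Finished messages; all function names are hypothetical.

```python
import hashlib, hmac, secrets

# Constructed toy RSA key from two Mersenne primes: far too small for real use,
# chosen only so the example runs with the standard library.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # server's private exponent
SIZE = (N.bit_length() + 7) // 8       # bytes needed to hold any value mod N

def derive_keys(r, nonces):
    """Simplified stand-in for TLS key derivation: one key per direction."""
    secret = r.to_bytes(SIZE, "big")
    return tuple(hmac.new(secret, label + nonces, hashlib.sha256).digest()
                 for label in (b"client write", b"server write"))

def finished(keys, transcript):
    """MAC over the handshake transcript under the derived keys."""
    return hmac.new(keys[0] + keys[1], transcript, hashlib.sha256).digest()

def handshake(server_exponent):
    """Run both sides; return (client accepts Finished, client keys, server keys)."""
    # Hello messages: each side contributes a nonce (the "extra randomness").
    nonces = secrets.token_bytes(16) + secrets.token_bytes(16)
    # The certificate carrying (N, E) is assumed to have validated already.
    # Client: pick random r and encrypt it under the server's public key.
    r = secrets.randbits(128)
    ciphertext = pow(r, E, N)          # textbook RSA, no padding (toy only)
    transcript = nonces + ciphertext.to_bytes(SIZE, "big")
    client_keys = derive_keys(r, nonces)
    # Server: decrypt with the private key and derive the same keys.
    server_keys = derive_keys(pow(ciphertext, server_exponent, N), nonces)
    # Finish: the server proves it recovered r; the client checks the MAC.
    server_finished = finished(server_keys, transcript)
    accepted = hmac.compare_digest(server_finished,
                                   finished(client_keys, transcript))
    return accepted, client_keys, server_keys

if __name__ == "__main__":
    ok, ck, sk = handshake(D)
    print("real server accepted:", ok, "| keys match:", ck == sk)
    # A party without the private key cannot recover r, so its Finished fails.
    print("impostor accepted:", handshake(D + 2)[0])
```

The second call shows why the finishing step matters: a party holding the certificate but not the matching private key derives different keys, and the client rejects its Finished message.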
