TLS 1.2 Finished message
E37197
The TLS 1.2 Finished message is the protocol’s final handshake message that proves both parties share the same session keys and that the preceding handshake messages have not been tampered with.
All labels observed (1)
| Label | Occurrences |
|---|---|
| TLS 1.2 Finished message canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T287173 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: TLS 1.2 Finished message Context triple: [RFC 5246, defines, TLS 1.2 Finished message]
-
A.
TLS
TLS (Transport Layer Security) is a cryptographic protocol that secures data transmitted over networks by providing encryption, authentication, and integrity between communicating applications.
-
B.
RFC 5246
RFC 5246 is the Internet Engineering Task Force (IETF) standard that specifies Transport Layer Security (TLS) version 1.2, a widely used protocol for securing communications over computer networks.
-
C.
RFC 8446
RFC 8446 is the Internet standard that specifies TLS 1.3, a major revision of the Transport Layer Security protocol focused on improved security and performance for encrypted communications.
-
D.
SSL
SSL (Secure Sockets Layer) is a cryptographic protocol designed to provide secure, encrypted communication over a computer network, commonly used to protect data transmitted between clients and servers.
-
E.
Diffie–Hellman key exchange
Diffie–Hellman key exchange is a foundational cryptographic protocol that enables two parties to securely establish a shared secret over an insecure communication channel.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: TLS 1.2 Finished message Target entity description: The TLS 1.2 Finished message is the protocol’s final handshake message that proves both parties share the same session keys and that the preceding handshake messages have not been tampered with.
-
A.
TLS
TLS (Transport Layer Security) is a cryptographic protocol that secures data transmitted over networks by providing encryption, authentication, and integrity between communicating applications.
-
B.
RFC 5246
RFC 5246 is the Internet Engineering Task Force (IETF) standard that specifies Transport Layer Security (TLS) version 1.2, a widely used protocol for securing communications over computer networks.
-
C.
RFC 8446
RFC 8446 is the Internet standard that specifies TLS 1.3, a major revision of the Transport Layer Security protocol focused on improved security and performance for encrypted communications.
-
D.
SSL
SSL (Secure Sockets Layer) is a cryptographic protocol designed to provide secure, encrypted communication over a computer network, commonly used to protect data transmitted between clients and servers.
-
E.
Diffie–Hellman key exchange
Diffie–Hellman key exchange is a foundational cryptographic protocol that enables two parties to securely establish a shared secret over an insecure communication channel.
- F. None of above. chosen
Statements (47)
| Predicate | Object |
|---|---|
| instanceOf |
TLS handshake message
ⓘ
cryptographic protocol message ⓘ |
| computedUsing | TLS 1.2 PRF ⓘ |
| containsField | verify_data ⓘ |
| definedIn | RFC 5246 ⓘ |
| dependsOn |
handshake transcript
ⓘ
master secret derivation ⓘ negotiated cipher suite ⓘ |
| direction |
client sends Finished to server
ⓘ
server sends Finished to client ⓘ |
| ensuresProperty |
binding of session keys to the handshake
ⓘ
handshake integrity ⓘ key confirmation ⓘ |
| hasPurpose |
to prove both parties share the same session keys
ⓘ
to verify integrity of preceding handshake messages ⓘ |
| hasRole | final handshake message ⓘ |
| hasSecurityGoal | mutual assurance of handshake consistency ⓘ |
| isBoundTo |
negotiated security parameters
ⓘ
specific TLS session ⓘ |
| isCriticalFor | detecting handshake transcript truncation ⓘ |
| isDifferentFrom | TLS 1.3 Finished message ⓘ |
| isEncryptedUnder | record layer protection ⓘ |
| isEncryptedWith | newly negotiated session keys ⓘ |
| isFirstMessageProtectedBy | negotiated cipher suite ⓘ |
| isOpaqueTo | network intermediaries due to encryption ⓘ |
| isPrecededBy | server Finished when client is resuming with abbreviated handshake in some flows ⓘ |
| isRequiredFor | successful TLS 1.2 session establishment ⓘ |
| isSpecifiedAs | Finished(handshake_messages) = PRF(master_secret, finished_label, Hash(handshake_messages)) ⓘ |
| messageTypeCode | 20 in TLS 1.2 handshake protocol ⓘ |
| occursAfter | ChangeCipherSpec message ⓘ |
| occursBefore | application data exchange ⓘ |
| partOf | TLS 1.2 handshake protocol ⓘ |
| prevents |
certain man-in-the-middle attacks on the handshake
ⓘ
undetected tampering with handshake messages ⓘ |
| PRFInput |
hash of all previous handshake messages
ⓘ
master secret ⓘ |
| PRFLabel |
"client finished" for client Finished
ⓘ
"server finished" for server Finished ⓘ |
| protocolVersion | TLS 1.2 ⓘ |
| sentBy |
TLS client
ⓘ
TLS server ⓘ |
| usesHashAlgorithm | negotiated PRF hash (e.g., SHA-256) ⓘ |
| verifies |
that no handshake messages were added
ⓘ
that no handshake messages were modified ⓘ that no handshake messages were omitted ⓘ |
| verify_dataLength |
12 bytes for non-export cipher suites
ⓘ
variable length depending on PRF hash for some configurations ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: TLS 1.2 Finished message Description of subject: The TLS 1.2 Finished message is the protocol’s final handshake message that proves both parties share the same session keys and that the preceding handshake messages have not been tampered with.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.