
10. Application Data Protocol

Application data messages are carried using the current active connection state and are fragmented, compressed, and encrypted by the record layer. These messages are treated as transparent data to TLS.

Application Data Protocol structure:

struct {
    opaque fragment[TLSPlaintext.length];
} ApplicationData;

Key features of the Application Data Protocol:

  1. Transparent Transport: TLS does not interpret the content of application layer data.
  2. Fragmentation: Large blocks of data are fragmented into multiple TLS records.
  3. Order Guarantee: TLS preserves the order of application data.
  4. Security Protection: All application data is protected using the negotiated cipher suite.

Application data messages MUST NOT be sent prior to the completion of the handshake (i.e., before a Finished message has been received and verified).

Note: Applications are responsible for ensuring that data sent over a TLS connection fits within the available record size limits (maximum 2^14 bytes).
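The fragmentation, ordering, and size-limit rules above, shown as an added example that is not part of the original page. It frames application data as plaintext records only, with no compression or encryption. The function names, the `handshake_done` flag, and the TLS 1.2 version bytes (3, 3) are assumptions made for the illustration.

```python
import struct

APPLICATION_DATA = 23      # ContentType value for application_data
MAX_FRAGMENT = 2 ** 14     # record size limit stated in the note above
VERSION = (3, 3)           # assumption: TLS 1.2 wire version bytes
HEADER_LEN = 5             # type (1) + version (2) + length (2)


def fragment(data, handshake_done=True):
    """Split application data into ordered TLSPlaintext-style records."""
    if not handshake_done:
        # Application data MUST NOT be sent before Finished is verified.
        raise RuntimeError("handshake not complete")
    records = []
    for off in range(0, len(data), MAX_FRAGMENT):
        chunk = data[off:off + MAX_FRAGMENT]
        header = struct.pack("!BBBH", APPLICATION_DATA, *VERSION, len(chunk))
        records.append(header + chunk)
    return records


def reassemble(stream):
    """Parse concatenated records and return the fragments joined in order."""
    out = bytearray()
    pos = 0
    while pos < len(stream):
        if len(stream) - pos < HEADER_LEN:
            raise ValueError("truncated record header")
        ctype, _major, _minor, length = struct.unpack_from("!BBBH", stream, pos)
        pos += HEADER_LEN
        if ctype != APPLICATION_DATA:
            raise ValueError("unexpected content type %d" % ctype)
        if length > MAX_FRAGMENT:
            # A receiver rejects oversized records instead of buffering them.
            raise ValueError("record exceeds 2^14 bytes")
        if len(stream) - pos < length:
            raise ValueError("truncated fragment")
        out += stream[pos:pos + length]   # the fragment stays opaque to TLS
        pos += length
    return bytes(out)


if __name__ == "__main__":
    payload = bytes(range(256)) * 160     # constructed 40960-byte sample
    recs = fragment(payload)
    print([len(r) - HEADER_LEN for r in recs])
    print(reassemble(b"".join(recs)) == payload)
```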