3. The TLS Session Hash

When a full TLS handshake takes place, we define

session_hash = Hash(handshake_messages)

where handshake_messages refers to all handshake messages sent or received, starting at the ClientHello up to and including the ClientKeyExchange message, including the type and length fields of the handshake messages. This is the concatenation of all the exchanged Handshake structures, as defined in Section 7.4 of [RFC5246].

For TLS 1.2, the Hash function is the one defined in Section 7.4.9 of [RFC5246] for the Finished message computation. For all previous versions of TLS, the Hash function computes the concatenation of MD5 and SHA1.

There is no session_hash for resumed handshakes, as they do not lead to the creation of a new session.

3. The TLS Session Hash​

3. The TLS Session Hash