Why do we need CAs at all?

Criticism of the CA Model

Perspectives

Convergence

Convergence Firefox Add-on

Notaries

Notary Bundle

{
    "host" : "convergence.crypto.is",
    "ssl_port" : 8843,
    "http_port" : 8080,
    "certificate" : "-----BEGIN CERTIFICATE-----\n
                    MIIDcjCCAloCCQCCUQAv7kG09zANBg\n
                    kqhkiG9w0BAQUFADB6MQswCQYDVQQG\n
                    EwJVUzETMBEGA1UECBMKU29tZS1T0c\n
                    ...
                    IUJEjjJrJTnxLcKVL7+gIP5CW2xaUp\n
                    wGOoe/3KEU/yBaWXMiOyYduFoog8IQ\n
                    -----END CERTIFICATE-----\n"
}

Notary Request

POST /target/www.google.de+443 HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Content-Length: 71
Host: convergence.crypto.is:8843
Connection: close

fingerprint=40:50:62:E5:BE:FD:E4:AF:97:E9:38:2A:F1:6C:C8:7C:8F:B7:C4:E2

Notary Response

{
  "fingerprintList":
  [
    {
      "timestamp": {"start": "1312537562", "finish": "1315604078"},
      "fingerprint": "51:1F:8E:C6:22:82:5B:ED:A2:75:CB:3E:95:AB:63:7F:69:D3:18:1C"
    }
  ],
  "signature": "MHu+jKdTJhRiNqTZleFnTY...RDYcPWuWBawQcReP3N82y54ZcEl3g=="
}
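
Added example (not part of the original slides and not Convergence project code): a Python sketch of the client side of the exchange above, serializing the request for a fingerprint the client saw and checking whether the notary's fingerprintList contains it. The function names are hypothetical, and verifying the response "signature" against the certificate from the notary bundle is assumed to happen separately and is not shown.

```python
import json
import re

# SHA-1 fingerprint as written on the slides: 20 hex bytes separated by colons.
FP_RE = re.compile(r"(?:[0-9A-F]{2}:){19}[0-9A-F]{2}")
HOST_RE = re.compile(r"[A-Za-z0-9.-]+")

def normalize(fp):
    fp = fp.strip().upper()
    if not FP_RE.fullmatch(fp):
        raise ValueError("not a colon-separated SHA-1 fingerprint")
    return fp

def build_notary_request(notary, notary_port, target, target_port, seen_fp):
    """Serialize the POST from the 'Notary Request' slide for a certificate we saw."""
    if not (HOST_RE.fullmatch(notary) and HOST_RE.fullmatch(target)):
        raise ValueError("unexpected characters in host name")  # keeps CR/LF out of headers
    body = "fingerprint=" + normalize(seen_fp)  # colons sent literally, as on the slide
    return (
        f"POST /target/{target}+{int(target_port)} HTTP/1.1\r\n"
        "Content-Type: application/x-www-form-urlencoded\r\n"
        f"Content-Length: {len(body)}\r\n"
        f"Host: {notary}:{int(notary_port)}\r\n"
        "Connection: close\r\n\r\n" + body
    )

def matching_observation(response_text, seen_fp):
    """Return (start, finish) if the notary lists the fingerprint we saw, else None."""
    seen = normalize(seen_fp)
    for entry in json.loads(response_text)["fingerprintList"]:
        if normalize(entry["fingerprint"]) == seen:
            ts = entry["timestamp"]
            return int(ts["start"]), int(ts["finish"])
    return None

# Response body copied from the 'Notary Response' slide (signature is elided there too).
SLIDE_RESPONSE = """{"fingerprintList": [{"timestamp": {"start": "1312537562",
  "finish": "1315604078"}, "fingerprint":
  "51:1F:8E:C6:22:82:5B:ED:A2:75:CB:3E:95:AB:63:7F:69:D3:18:1C"}],
  "signature": "MHu+jKdTJhRiNqTZleFnTY...RDYcPWuWBawQcReP3N82y54ZcEl3g=="}"""
SLIDE_SEEN = "40:50:62:E5:BE:FD:E4:AF:97:E9:38:2A:F1:6C:C8:7C:8F:B7:C4:E2"

if __name__ == "__main__":
    print(build_notary_request("convergence.crypto.is", 8843, "www.google.de", 443, SLIDE_SEEN))
    print("notary agrees:", matching_observation(SLIDE_RESPONSE, SLIDE_SEEN) is not None)
```

With the values from the slides, the fingerprint in the request differs from the one in the response, so matching_observation returns None for this pair.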

Convergence Proxy

SSL Handshake

Client                                             Server

ClientHello                -------->
                                              ServerHello
                                              Certificate
                                        ServerKeyExchange
                           <--------      ServerHelloDone
ClientKeyExchange
ChangeCipherSpec
Finished                   -------->
                                         ChangeCipherSpec
                           <--------             Finished
Application Data           <------->     Application Data

SSL Handshake / Proxy

Client                   Proxy                    Server

ClientHello        -->  ------>   -->
                   <--  <------   <--        ServerHello
                          /--     <--        Certificate
                          |
                   verify(certificate)
                          |
                   <--  --/
                   <--  <-----    <--   ServerKeyExchange
                   <--  <-----    <--     ServerHelloDone
ClientKeyExchange
ChangeCipherSpec
Finished           -->  ----->    -->
                                         ChangeCipherSpec
                   <--  <-----    <--            Finished
Application Data   <->  <---->    <->    Application Data

if !verify(certificate) { ? }

EOF
