SYSTEMS AND METHODS FOR NEXTPROTO NEGOTIATION EXTENSION HANDLING USING MIXED MODE
First Claim
1. A method for handling the processing of a next protocol negotiation extension for a transport layer security (TLS) session, the method comprising:
- (a) receiving, by a device intermediary to a client and a server, a client hello message from the client in a handshake to establish a transport layer security (TLS) session with the server, the client hello message comprising a next protocol negotiation extension, the device comprising a first TLS processor that is software based and a second TLS processor that is hardware based;
(b) determining by the device, that the client hello message includes the next protocol negotiation extension;
(c) establishing, by the device responsive to the determination, the TLS session using the first TLS processor; and
(d) processing, by the device upon establishment of the TLS session using the first TLS processor, encrypted data for the TLS session using the second TLS processor.
8 Assignments
0 Petitions
Accused Products
Abstract
This disclosure is directed to systems and methods for handling the processing of a next protocol negotiation extension for a transport layer security (TLS) session. A device, intermediary to a client and a server, may receive a client hello message from the client in a handshake to establish a transport layer security (TLS) session with the server. The client hello message may include a next protocol negotiation extension. The device may include a first TLS processor that is software based and a second TLS processor that is hardware based. The device may determine that the client hello message includes the next protocol negotiation extension. The device may establish, responsive to the determination, the TLS session using the first TLS processor. The device may process, upon establishment of the TLS session using the first TLS processor, encrypted data for the TLS session using the second TLS processor.
-
Citations
20 Claims
-
1. A method for handling the processing of a next protocol negotiation extension for a transport layer security (TLS) session, the method comprising:
-
(a) receiving, by a device intermediary to a client and a server, a client hello message from the client in a handshake to establish a transport layer security (TLS) session with the server, the client hello message comprising a next protocol negotiation extension, the device comprising a first TLS processor that is software based and a second TLS processor that is hardware based; (b) determining by the device, that the client hello message includes the next protocol negotiation extension; (c) establishing, by the device responsive to the determination, the TLS session using the first TLS processor; and (d) processing, by the device upon establishment of the TLS session using the first TLS processor, encrypted data for the TLS session using the second TLS processor. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for handling the processing of a next protocol negotiation extension for a transport layer security (TLS) session, the system comprising:
-
a device intermediary to a client and a server, the device configured to receive a client hello message from the client in a handshake to establish a transport layer security (TLS) session with the server, the client hello message comprising a next protocol negotiation extension, a first TLS processor that is software based; a second TLS processor that is hardware based; wherein the device is configured to determine that the client hello message includes the next protocol negotiation extension and establish, responsive to the determination, the TLS session using the first TLS processor; and wherein the device upon establishment of the TLS session using the first TLS processor is configured to use the second TLS processor for processing encrypted data for the TLS session. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification