Which of the following best describes session key creation in SSL?
A . It is created by the server after verifying theuser’s identity
B . It is created by the server upon connection by the client
C . It is created by the client from the server’s public key
D . It is created by the client after verifying the server’s identity
Answer: D
Explanation:
An SSL session always begins with an exchange of messages called the SSL handshake. The handshake allows the server to authenticate itself to the client using public-key techniques, then allows the client and the server to cooperate in the creation of symmetric keys used for rapid encryption, decryption, and tamper detection during the session that follows. Optionally, the handshake also allows the client to authenticate itself to the server.