When Internet Explorer initiates an SSL 3.0 connection it sends a ClientHello
message to the server. Part of the ClientHello
message includes a section named RandomData
. The SSL 3.0 specification requires that the first four bytes of the RandomData
section sent by Internet Explorer must contain the client time stamp in "Unix Time" format. In all versions of Internet Explorer on Windows versions before Microsoft Windows XP, the Schannel.dll file only passes random data instead of a time stamp.
To see SSL 3.0 and Transport Layer Security protocol (TLS) SSL 3.0 documentation, visit the following Netscape Web site:
The most recent Draft SSL 3.0 specification is an Internet Draft that is dated November 1996. It is a proprietary protocol and not an internet draft or standard. TLS 1.0 was an IETF draft and is a Proposed standard. To review information on the IETF's proposed timestamp standard, visit the following Web site and the locate section "126.96.36.199":
Review the information on "Client hello" and "gmt_unix_time." Gmt_unix_time is the current time and date in standard UNIX 32-bit format (seconds since the midnight starting January 1, 1970, GMT) according to the sender's internal clock. Clocks are NOT REQUIRED to be set correctly by the basic TLS Protocol; higher level or application protocols may define additional requirements.