Secondo RFC 5246 , 7.1. Cambia protocollo specifico cifrario:
The ChangeCipherSpec message is sent during the handshake after the security parameters have been agreed upon, but before the verifying Finished message is sent.
E 6.1. Stati di connessione:
A TLS connection state is the operating environment of the TLS Record Protocol. It specifies a compression algorithm, an encryption algorithm, and a MAC algorithm.... All records are processed under the current read and write states. The security parameters for the pending states can be set by the TLS Handshake Protocol, and the ChangeCipherSpec can selectively make either of the pending states current, in which case the appropriate current state is disposed of and replaced with the pending state; the pending state is then reinitialized to an empty state. It is illegal to make a state that has not been initialized with security parameters a current state. The initial current state always specifies that no encryption, compression, or MAC will be used.
ChangeCipherSpec non è coperto dal messaggio Finito. Dal 7.4.9. Finito:
Note: ChangeCipherSpec messages, alerts, and any other record types are not handshake messages and are not included in the hash computations.
Perdona la mia ignoranza, ma in che modo è autenticato ChangeCipherSpec?