¥Key confirmation
–In both variants via
MAC on exchanged data
¥Replay protection
–In both variants
through inclusion of client-provided data in MAC
¥Server authentication
–In both variants
through MAC in ServerFinished message when replacing
existing key
¥Protection against MITM
–In both variants
through use of shared keys, client certificates, or server public key usage
¥User authentication
–Enabled in both
variants using authentication code
¥Device authentication
–In both variants if based on shared secret key or if
device sends a client certificate