Client Server ------ ------ Record 0 ClientHello (epoch=0) --------> Record 0 <-------- HelloRetryRequest (epoch=0) Record 1 ClientHello --------> (epoch=0) Record 1 <-------- ServerHello (epoch=0) {EncryptedExtensions} (epoch=2) {Certificate} (epoch=2) {CertificateVerify} (epoch=2) {Finished} (epoch=2) Record 2 {Certificate} --------> (epoch=2) {CertificateVerify} (epoch=2) {Finished} (epoch=2) Record 2 <-------- [ACK] (epoch=3) Record 3 [Application Data] --------> (epoch=3) Record 3 <-------- [Application Data] (epoch=3) Some time later ... (Post-Handshake Message Exchange) Record 4 <-------- [NewSessionTicket] (epoch=3) Record 4 [ACK] --------> (epoch=3) Some time later ... (Rekeying) Record 5 <-------- [Application Data] (epoch=4) Record 5 [Application Data] --------> (epoch=4)