SSL Parser


Hi All,

I’m trying to understand how does Wireshark (and browser/any other app) is parsing the SSL/TLS packets.
If to be more precise, I’m interesting in the way that Wireshark determines the record layer type (SSL v# / TLS v#).
see that attached image, in each packet the TLS version is clear (in has a representation in the packet itself), but I can’t seem to find where in the packet there is an indication of the SSL/TLS record type.