diff --git a/rdpy/protocol/common/error.py b/rdpy/protocol/common/error.py index 453edf7..6832c54 100644 --- a/rdpy/protocol/common/error.py +++ b/rdpy/protocol/common/error.py @@ -12,3 +12,13 @@ class InvalidExpectedDataException(Exception): ''' Exception.__init__(self, message) +class NegotiationFailure(Exception): + ''' + raise when negotiation failure in different protocols + ''' + def __init__(self, message): + ''' + constructor with message + ''' + Exception.__init__(self, message) + diff --git a/rdpy/protocol/rdp/tpdu.py b/rdpy/protocol/rdp/tpdu.py index 8d77a1f..9689bc9 100644 --- a/rdpy/protocol/rdp/tpdu.py +++ b/rdpy/protocol/rdp/tpdu.py @@ -3,7 +3,7 @@ ''' from rdpy.protocol.common.layer import LayerAutomata from rdpy.protocol.common.stream import Stream -from rdpy.protocol.common.error import InvalidExpectedDataException +from rdpy.protocol.common.error import InvalidExpectedDataException, NegotiationFailure class TPDU(LayerAutomata): ''' @@ -121,6 +121,8 @@ class TPDU(LayerAutomata): self.readNegResp(data) else: raise InvalidExpectedDataException("bad protocol negotiation response code") + #_transport is TPKT and transport is TCP layer of twisted + self._transport.transport.startTLS(ClientTLSContext()) def readNegFailure(self, data): ''' 
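Review bot: In the `@@ -121,6 +121,8 @@` hunk of tpdu.py, the added `self._transport.transport.startTLS(ClientTLSContext())` appears to run after the whole `if`/`else` chain, so the transport is upgraded whichever branch handled the response; indentation is lost in this view, so the placement is inferred. If `self._protocol` can ever be a non-TLS security protocol, or if the `readNegFailure` branch returns instead of raising, the client would start a TLS handshake the server never agreed to. Consider moving the call into the branch that follows a successful `readNegResp(data)` and guarding it on the negotiated protocol being the TLS one. The existing comment could also state the ordering requirement, for example `# upgrade to TLS only after the server has confirmed the requested protocol`. The enclosing method starts before this hunk, so the other branches are not visible here.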
@@ -130,7 +132,30 @@ class TPDU(LayerAutomata): def readNegResp(self, data): ''' - read negotiatiion response packet + read negotiation response packet ''' - pass - \ No newline at end of file + flag = data.read_uint8() + len = data.read_leuint16() + + if len != 0x0008: + raise InvalidExpectedDataException("invalid size of negotiation response") + + protocol = data.read_leuint32() + if protocol != self._protocol: + raise NegotiationFailure("protocol negotiation failure") + + +#open ssl needed +from twisted.internet import ssl +from OpenSSL import SSL + +class ClientTLSContext(ssl.ClientContextFactory): + ''' + client context factory for open ssl + ''' + isClient = 1 + def getContext(self): + context = SSL.Context(SSL.TLSv1_METHOD) + context.set_options(SSL.OP_DONT_INSERT_EMPTY_FRAGMENTS) + context.set_options(SSL.OP_TLS_BLOCK_PADDING_BUG) + return context \ No newline at end of file
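Review bot: `ClientTLSContext.getContext` builds the context without any peer verification, so the channel that `startTLS` sets up is encrypted but the server is never authenticated, and an on-path host can present any certificate. If the client is meant to resist interception, configure a verify mode and a trust source, for example `context.set_verify(SSL.VERIFY_PEER, verify_cb)` (where `verify_cb` is a callback still to be written) together with `context.set_default_verify_paths()` or a pinned certificate. If self-signed RDP servers must be accepted, say so in the class docstring so the trust decision is explicit. `SSL.TLSv1_METHOD` also fixes the session at TLS 1.0, and `SSL.OP_DONT_INSERT_EMPTY_FRAGMENTS` turns off OpenSSL's CBC countermeasure for that version, so both lines deserve a comment naming the server compatibility reason they presumably exist for. In `readNegResp`, `len` shadows the builtin and `flag` is read but never checked.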