
Re: [TLS] SSL session caching & lookups



Nagendra Modadugu wrote:
> 
> NSS clients currently only attempt to resume a session if the
> following fields match:
> * server IP
> * server Port
> * server hostname

Those are the three parameters that we use in our clients in order
to try an SSL session resume.  When client-side proxies are involved,
then the server IP alone is insufficient (it would be fairly constant).

>
> * session ID

I don't know what you mean by listing "session ID".
An SSL session resume can only be proposed by a client, not by the
server.  The server can only agree to resume.  So the above three
parameters are the lookup key into the client-side SSL session
cache -- the session ID is an attribute of the session itself.


-Martin
_______________________________________________
TLS mailing list
TLS@xxxxxxxx
http://www.ietf.org/mailman/listinfo/tls
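
The lookup described in the message above, as an added example that is not part of the original post and is not NSS code: a client-side session cache keyed on (server IP, server port, server hostname), with the session ID stored as an attribute of the cached session, compared against a cache keyed on IP alone when every connection goes through one client-side proxy. The class and function names, addresses, hostnames and session values are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

@dataclass(frozen=True)
class Session:
    session_id: bytes      # attribute of the session; the client offers it to propose a resume
    master_secret: bytes   # constructed placeholder for the cached key material

class ClientSessionCache:
    """Hypothetical client-side cache; key_fields picks the peer parameters used as lookup key."""
    def __init__(self, key_fields=("ip", "port", "hostname")):
        self.key_fields = key_fields
        self._store: Dict[Tuple, Session] = {}

    def _key(self, ip: str, port: int, hostname: str) -> Tuple:
        peer = {"ip": ip, "port": port, "hostname": hostname}
        return tuple(peer[f] for f in self.key_fields)

    def put(self, ip: str, port: int, hostname: str, session: Session) -> None:
        self._store[self._key(ip, port, hostname)] = session

    def session_id_to_offer(self, ip: str, port: int, hostname: str) -> Optional[bytes]:
        """Session ID the client would propose for this peer, or None for a full handshake."""
        cached = self._store.get(self._key(ip, port, hostname))
        return cached.session_id if cached else None

def demo() -> dict:
    proxy_ip = "192.0.2.10"  # constructed: the address the client sees is the proxy's
    sess_a = Session(b"\xaa" * 32, b"A" * 48)
    sess_b = Session(b"\xbb" * 32, b"B" * 48)
    full = ClientSessionCache()                   # IP + port + hostname
    weak = ClientSessionCache(key_fields=("ip",))  # IP only
    for cache in (full, weak):
        cache.put(proxy_ip, 443, "a.example", sess_a)
        cache.put(proxy_ip, 443, "b.example", sess_b)
    return {
        "full_a": full.session_id_to_offer(proxy_ip, 443, "a.example"),
        "full_b": full.session_id_to_offer(proxy_ip, 443, "b.example"),
        "full_new": full.session_id_to_offer(proxy_ip, 443, "c.example"),
        # IP-only key: b.example overwrote a.example, and any host behind the proxy matches.
        "weak_a": weak.session_id_to_offer(proxy_ip, 443, "a.example"),
        "weak_new": weak.session_id_to_offer(proxy_ip, 443, "c.example"),
    }

if __name__ == "__main__":
    for name, sid in demo().items():
        print(name, sid.hex() if sid else None)
```

With the IP-only key the client proposes b.example's session ID to servers that never issued it, so the cache stops distinguishing peers behind the proxy.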