Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

WwWXxX, udp high ports, d-link extract firmware dsl-2750u, wwwwxxxxx.2G, yxxxcom, WWWXXX, ftp://192.168.100.100, wwwxxx 100, www.xxxcon, wwwxxx

Links

XODOX
Impressum

#1: SSL Session ID chaining

Posted on 2010-05-04 20:36:44 by Klaubert Herr da Silveira

Hi

I recently found a patch for mod_ssl trunk
(http://svn.apache.org/viewvc?view=3Drevision&revision=3D779 005) and it is
in 2.3.5-alpha the SSL_SESSION_RESUMED, that is "Initial or Resumed
SSL Session. Note: multiple requests may be served over the same
(Initial or Resumed) SSL session if HTTP KeepAlive is in use". However
it show the 1st request as "Initial", and "resumed" on nexts requests
inside the same SSL_SESSION_ID (sometimes it show other "Initial" in
the same SSL_SESSION_ID, maybe because are in other tcp connection).

I had a situation were I make a client certificate authentication and
I need to know how to get if a SSL_SESSION_ID is the first and the
others are renegotiated (assuming a 5min. timeout), in a way showed
bellow:

Timestamp :SSL_SESSION_ID : Status
00:00:00 : AAAAAA : Initial
00:05:00 : BBBBBB =A0 : Renegotiated
00:10:00 : CCCCCC : Renegotiated
00:15:00 : DDDDDD : Renegotiated
00:20:00 : EEEEEE : Renegotiated

I can't find a way to make a relatioship between the SSL_SESSION_ID's,
how can I get this?


Best regards,

Klaubert Herr
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Report this message