Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

ftp://192.168.100.100/, www.xxxcon, which comes first ob_start or session, wwwxxx/58/2010, xxxxdup, xxxxdup, mailx informatii, should producers of software-based services, such as atms, be held liable for economic injuries suffered when their systems fail?, mysql feiertage, bash netcat eof

Links

XODOX
Impressum

#1: SSL Session ID chaining

Posted on 2010-05-04 20:36:44 by Klaubert Herr da Silveira

Hi

I recently found a patch for mod_ssl trunk
(http://svn.apache.org/viewvc?view=3Drevision&revision=3D779 005) and it is
in 2.3.5-alpha the SSL_SESSION_RESUMED, that is "Initial or Resumed
SSL Session. Note: multiple requests may be served over the same
(Initial or Resumed) SSL session if HTTP KeepAlive is in use". However
it show the 1st request as "Initial", and "resumed" on nexts requests
inside the same SSL_SESSION_ID (sometimes it show other "Initial" in
the same SSL_SESSION_ID, maybe because are in other tcp connection).

I had a situation were I make a client certificate authentication and
I need to know how to get if a SSL_SESSION_ID is the first and the
others are renegotiated (assuming a 5min. timeout), in a way showed
bellow:

Timestamp :SSL_SESSION_ID : Status
00:00:00 : AAAAAA : Initial
00:05:00 : BBBBBB =A0 : Renegotiated
00:10:00 : CCCCCC : Renegotiated
00:15:00 : DDDDDD : Renegotiated
00:20:00 : EEEEEE : Renegotiated

I can't find a way to make a relatioship between the SSL_SESSION_ID's,
how can I get this?


Best regards,

Klaubert Herr
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Report this message