> There is no relation whatsoever between the transport channel (TCP, hosts,
> ports or whatever) and the TLS protocol (being transported in the channel).
> The case you are describing is not uncommon. I have a dialup provider that
> will give me a dynamic (and hence changing) IP number whenever I build up
> a new connection. That does not stop me from re-using my TLS-sessions.
>
> Remark: the default timeout of SSL sessions in OpenSSL and in several
> OpenSSL based WWW-servers like mod_ssl is 300s=5min, so you have to switch
> your IPs fast :-). My Postfix/TLS extension for the Postfix-MTA defaults
> to 3600s=1h, so that this situation occurs more often.
A question along those same lines...
What specifically causes a browser to request the same session? And what
causes it to request a new session (session-ID = 0)? Can one know with
certainty whether a browser will attempt to resume a session?
TIA
Chad
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
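
The session reuse described in the quoted reply can be observed with Python's ssl module. This is an added example, not part of the original messages: each handshake runs over a fresh pair of in-memory BIOs, so no TCP connection or IP address is involved, and resumption depends only on whether the client offers a session the server still accepts. The host name example.test, the throwaway certificate and the helper names are assumptions, and the openssl CLI (1.1.1 or later) must be on PATH.

```python
import os, ssl, subprocess, tempfile

HOST = "example.test"  # constructed name, used only inside the throwaway cert

def make_contexts(workdir):
    """Create a throwaway self-signed cert (openssl CLI) and a server/client context pair."""
    key, crt = os.path.join(workdir, "key.pem"), os.path.join(workdir, "cert.pem")
    subprocess.run(["openssl", "req", "-x509", "-newkey", "rsa:2048", "-nodes",
                    "-keyout", key, "-out", crt, "-days", "1", "-subj", "/CN=" + HOST,
                    "-addext", "subjectAltName=DNS:" + HOST],
                   check=True, capture_output=True)
    srv = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    srv.load_cert_chain(crt, key)
    cli = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    cli.load_verify_locations(crt)
    # Cap at TLS 1.2 so the client holds a resumable session once the handshake ends.
    srv.maximum_version = cli.maximum_version = ssl.TLSVersion.TLSv1_2
    return srv, cli

def handshake(srv_ctx, cli_ctx, session=None):
    """Run one handshake over fresh memory BIOs: a new 'connection' with no address."""
    c_in, c_out, s_in, s_out = (ssl.MemoryBIO() for _ in range(4))
    client = cli_ctx.wrap_bio(c_in, c_out, server_hostname=HOST, session=session)
    server = srv_ctx.wrap_bio(s_in, s_out, server_side=True)
    pending = [client, server]
    while pending:
        for side in list(pending):
            try:
                side.do_handshake()
                pending.remove(side)
            except ssl.SSLWantReadError:
                pass  # this side is waiting for the peer's next flight
        if c_out.pending:
            s_in.write(c_out.read())  # shuttle bytes client -> server
        if s_out.pending:
            c_in.write(s_out.read())  # and server -> client
    return client

def demo():
    with tempfile.TemporaryDirectory() as workdir:
        srv_ctx, cli_ctx = make_contexts(workdir)
        first = handshake(srv_ctx, cli_ctx)                          # full handshake
        second = handshake(srv_ctx, cli_ctx, session=first.session)  # offers the old session
        fresh = handshake(srv_ctx, cli_ctx)                          # offers nothing
        return {"first": first.session_reused, "second": second.session_reused,
                "fresh": fresh.session_reused, "server_hits": srv_ctx.session_stats()["hits"]}

if __name__ == "__main__":
    print(demo())
```

The session lifetime the server applies is build- and configuration-dependent; the client-side value is readable as `first.session.timeout`.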