Hello,
I have several questions regarding SSL connection initiation. Thanks in
advance for your help, this list is great!
They are:
a) How does a web browser (say Netscape) that does not want to concern the
user with cryptographic details manage an RSA private key for the initiation
of an SSL session? I'm specifically interested in knowing whether it
creates a key once and stores it on the disk, if it creates a key at startup
and stores it for the lifetime of the process, or if it creates a key for
each session.
b) What is the typical PRNG seeding process used by a web browser (again,
say Netscape) when used on a machine that doesn't have /dev/random (e.g. A
Macintosh)?
c) Does the server generate an ephemeral RSA private key for each SSL
connection, or just once for the lifetime of the process which it uses
across all clients?
Thank you!
Brian Doyle
Balance Software, Inc.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
