"Varga, Jack" <[EMAIL PROTECTED]> writes:
> Is the session_id resident in each ssl application
> data packet or just in the handshake packets? If so,
> is it always in the clear (i.e., not encrypted?
No, it's only in the ServerHello and (if resumption is being used) in
the ClientHello. However
"Varga, Jack" <[EMAIL PROTECTED]> writes:
> Along the lines of a Stephens TCP packet header illustration,
> is there something similar to describe an https (or http for that
> matter) packet header?
The first thing to realize is that HTTPS means "HTTP over SSL".
Ordinarily, HTTP traffic is carrie
Check http://www.modssl.org/docs/2.7/ssl_intro.html
and http://www.modssl.org/docs/apachecon2000/slide-006-l.html
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
__
OpenSSL Project
