Re: SSL session ID generation

2004-11-22 Thread Lutz Jaenicke
On Sun, Nov 21, 2004 at 04:03:20PM +0200, victor sherbinin wrote: > > > > I'm wondering whether generation of SSL session ID has to be based on > > random numbers. In my system, it would be more comfortable for me to > > generate a sequentially incrementing 64-bit or 128-bit session ID, with >

SSL session ID generation

2004-11-21 Thread victor sherbinin
> > I'm wondering whether generation of SSL session ID has to be based on random > numbers. In my system, it would be more comfortable for me to generate a > sequentially incrementing 64-bit or 128-bit session ID, with some constant > padding. Does this violate the security of SSL in any way? >