[openssl-users] Two sessions in a single full handshake
Matt Caswell
matt at openssl.org
Mon Oct 1 07:34:49 UTC 2018
On 30/09/18 06:05, John Jiang wrote:
> Now that full handshake sends two sessions, does that mean option
> -sess_out saves both of the sessions to a local file?
The last session received is the one in the sess_out file.
Matt
> If so, when resume session via option -sess_in, which session will be
> resumed?
>
> On Sun, Sep 30, 2018 at 11:47 AM Benjamin Kaduk via openssl-users
> <openssl-users at openssl.org <mailto:openssl-users at openssl.org>> wrote:
>
> s_client has -sess_out and -sess_in options that can be used
> to save session information to a file and read it in for a subsequent
> connection. Neither is used by default.
>
> -Ben
>
> On Sun, Sep 30, 2018 at 11:06:14AM +0800, John Jiang wrote:
> > Does s_client resume any session in the local session file?
> >
> > On Sun, Sep 30, 2018 at 3:19 AM Salz, Rich via openssl-users <
> > openssl-users at openssl.org <mailto:openssl-users at openssl.org>> wrote:
> >
> > >
> > > - The debug logs display two "SSL-Session" blocks in a full
> handshake.
> > >
> > > Only one "SSL-Session" block is displayed in a resumption.
> > >
> > > Why does full handshake has two sessions?
> > >
> > >
> > >
> > > This is part of the TLS 1.3 standard. A server can send back
> multiple
> > > sessions, so that a client may resume with a different session, and
> > > therefore prevent an observer from “linking” two different
> activities.
> > > --
> > > openssl-users mailing list
> > > To unsubscribe:
> https://mta.openssl.org/mailman/listinfo/openssl-users
> > >
>
> > --
> > openssl-users mailing list
> > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
>
More information about the openssl-users
mailing list