<div><div dir="auto">B I </div></div><div><br><div class="gmail_quote"><div dir="ltr">On Sat, Sep 29, 2018 at 10:06 PM John Jiang <<a href="mailto:john.sha.jiang@gmail.com">john.sha.jiang@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>Now that full handshake sends two sessions, does that mean option -sess_out saves both of the sessions to a local file?<br></div>If so, when resume session via option -sess_in, which session will be resumed?<br></div><br><div class="gmail_quote"><div dir="ltr">On Sun, Sep 30, 2018 at 11:47 AM Benjamin Kaduk via openssl-users <<a href="mailto:openssl-users@openssl.org" target="_blank">openssl-users@openssl.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">s_client has -sess_out and -sess_in options that can be used<br>
to save session information to a file and read it in for a subsequent<br>
connection. Neither is used by default.<br>
<br>
-Ben<br>
<br>
On Sun, Sep 30, 2018 at 11:06:14AM +0800, John Jiang wrote:<br>
> Does s_client resume any session in the local session file?<br>
> <br>
> On Sun, Sep 30, 2018 at 3:19 AM Salz, Rich via openssl-users <<br>
> <a href="mailto:openssl-users@openssl.org" target="_blank">openssl-users@openssl.org</a>> wrote:<br>
> <br>
> ><br>
> > - The debug logs display two "SSL-Session" blocks in a full handshake.<br>
> ><br>
> > Only one "SSL-Session" block is displayed in a resumption.<br>
> ><br>
> > Why does full handshake has two sessions?<br>
> ><br>
> ><br>
> ><br>
> > This is part of the TLS 1.3 standard. A server can send back multiple<br>
> > sessions, so that a client may resume with a different session, and<br>
> > therefore prevent an observer from “linking” two different activities.<br>
> > --<br>
> > openssl-users mailing list<br>
> > To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/mailman/listinfo/openssl-users</a><br>
> ><br>
<br>
> -- <br>
> openssl-users mailing list<br>
> To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/mailman/listinfo/openssl-users</a><br>
<br>
-- <br>
openssl-users mailing list<br>
To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/mailman/listinfo/openssl-users</a><br>
</blockquote></div>
-- <br>
openssl-users mailing list<br>
To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer" target="_blank">https://mta.openssl.org/mailman/listinfo/openssl-users</a><br>
</blockquote></div></div>