Using NSS 3.35 on MacOSX to test session resumption (via session id). If a client connects to a selfserv server with the same options many times, the server may not reuse the session.
I used a JSSE client to connect to the selfserv server twice. In the second connection, the client used the same SSL context that was used in the first connection, which means the client reused the session. I repeated the above operation in a loop, and sometimes the session was not reused in a single operation. In a single operation, the server-side output looks like the below:

--------------------
selfserv: SSL version 3.3 using 256-bit AES with 160-bit SHA1 MAC
selfserv: Server Auth: 256-bit ECDSA, Key Exchange: 256-bit ECDHE Compression: NULL, Extended Master Secret: No
selfserv: subject DN: CN=server
selfserv: issuer DN: CN=root
selfserv: 0 cache hits; 2 cache misses, 0 cache not reusable 0 stateless resumes, 0 ticket parse failures
selfserv: HDX PR_Read hit EOF returned error 0: Undefined error: 0
selfserv: SSL version 3.3 using 256-bit AES with 160-bit SHA1 MAC
selfserv: Server Auth: 256-bit ECDSA, Key Exchange: 256-bit ECDHE Compression: NULL, Extended Master Secret: No
selfserv: subject DN: CN=server
selfserv: issuer DN: CN=root
selfserv: 0 cache hits; 2 cache misses, 0 cache not reusable 0 stateless resumes, 0 ticket parse failures
selfserv: HDX PR_Read hit EOF returned error 0: Undefined error: 0
--------------------

In the second connection, no cache was hit.
In addition, I also used the same client to connect to OpenSSL s_server, but didn't meet this problem.

Thanks!

--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
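
The following is an added example, not part of the original post or of NSS: a small Python script that reads the selfserv statistics lines quoted above and reports whether any session was resumed, so a looped test can flag the failing iterations. It assumes the counters are cumulative for the server process; the function names and the second sample log are constructed for illustration.

```python
import re

# Matches the statistics report selfserv prints per connection, as quoted in the post.
STATS = re.compile(
    r"(\d+) cache hits; (\d+) cache misses, (\d+) cache not reusable\s+"
    r"(\d+) stateless resumes, (\d+) ticket parse failures")
FIELDS = ("hits", "misses", "not_reusable", "stateless", "ticket_failures")

def parse_stats(log):
    """Return one dict of counters per statistics report found in the log."""
    return [dict(zip(FIELDS, map(int, m.groups()))) for m in STATS.finditer(log)]

def classify(log):
    """Label each report by which counter moved since the previous report.

    Assumption: counters are cumulative for the server process, so the difference
    between two consecutive reports describes the handshakes in between.
    """
    labels, prev = [], dict.fromkeys(FIELDS, 0)
    for cur in parse_stats(log):
        delta = {k: cur[k] - prev[k] for k in FIELDS}
        if delta["hits"] > 0:
            labels.append("session-id resume")
        elif delta["stateless"] > 0:
            labels.append("ticket resume")
        elif delta["misses"] > 0 or delta["not_reusable"] > 0:
            labels.append("full handshake")
        else:
            labels.append("no change")
        prev = cur
    return labels

def resumed(log):
    """True if the last report shows at least one resumed session of either kind."""
    reports = parse_stats(log)
    return bool(reports) and reports[-1]["hits"] + reports[-1]["stateless"] > 0

# Statistics lines as quoted in the post (two connections, no resumption).
POSTED = """selfserv: 0 cache hits; 2 cache misses, 0 cache not reusable 0 stateless resumes, 0 ticket parse failures
selfserv: 0 cache hits; 2 cache misses, 0 cache not reusable 0 stateless resumes, 0 ticket parse failures
"""
# Constructed sample: what a run with a successful session-ID resumption could look like.
CONSTRUCTED = """selfserv: 0 cache hits; 1 cache misses, 0 cache not reusable
          0 stateless resumes, 0 ticket parse failures
selfserv: 1 cache hits; 1 cache misses, 0 cache not reusable
          0 stateless resumes, 0 ticket parse failures
"""

if __name__ == "__main__":
    for name, log in (("posted", POSTED), ("constructed", CONSTRUCTED)):
        print(name, classify(log), "resumed:", resumed(log))
```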