On Thu, Apr 05, 2001 at 11:19:49AM -0400, Robert Buckley wrote:
> Thank you for your response,
> If you take a look at a later post, I wrote that a link outside the root,
> will shutdown the connection to the child. This makes the browser think its
> a fresh connection to the site. So even if you turned off "Ask Every Time",
> the outcome would still be the same. For every "new" connection, you'll need
> to identify yourself.
> If we could stop the connection from closing on the child, you probably
> wouldn't have to authenticate again.
I am not sure that I would follow your conclusion. Please use ssldump to
verify this assumption. If the browser wants to re-negotiate, it will not
propose a session to be reused.
Whether a connection to a child is closed or not however does influence
the session caching. If the external session cache can not cache the session,
childs can not exchange the session data, so if a new connection to another
child is opened, a new session will be negotiated (with new cert request).
Of course in this case the browser will drop all other old sessions
for this site.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
