Hi,
Is there a document which details the way SSL session handling is done, I
could not locate any in openssl website. Specifically I have the
following questions:
(1) When are the SSL sessions removed? There seems to be a timeout,
is this an idle-session-timeout (i.e session is removed if no
conneciton is using this session for the given timeout) or is
this an absolute timeout (session is removed after timeout interval
from the session creation)?
(2) If the timeout is absolute, does the session gets deleted when
a connection is using that session. There seems to be a pointer
to ssl session object from SSL connection object, does this
mean the session won't be deleted till some connection is using
this session?
Thanks,
Nagaraj
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
