Hi!

I am currently writing the documentation for the session caching and while
researching in the code I found the following:

ssl.h:
    #define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)

ssl_sess.c:
    ...
    if (SSL_CTX_sess_get_cache_size(ctx) > 0)
        {
        while (SSL_CTX_sess_number(ctx) >
            SSL_CTX_sess_get_cache_size(ctx))
            {
            if (!remove_session_lock(ctx,
                ctx->session_cache_tail, 0))
                break;
            else
                ctx->stats.sess_cache_full++;
            }
        }
    ...

With SSL_CTX_sess_number being

ssl_lib.c:
    case SSL_CTRL_SESS_NUMBER:
        return(ctx->sessions->num_items);

This means that the default session cache size is more than 20000 sessions.
(With client certificates a session can easily be more than 1kb, so I am
talking about 20MB. Yes, I am aware that it might be pretty tough to
establish 20000 sessions in the first place :-)

Did I miss something?
    Lutz
-- 
Lutz Jaenicke                             [EMAIL PROTECTED]
BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
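
The trimming loop quoted in the message above, as a toy model added here for illustration (not OpenSSL code and not part of the original post). It shows that the limit counts sessions rather than bytes and that a limit of 0 skips trimming. The struct and function names are hypothetical, and the 1024-byte session size is the poster's rough estimate.

```c
#include <stdio.h>
#include <stdlib.h>
#define CACHE_MAX_SIZE_DEFAULT (1024 * 20) /* value quoted from ssl.h */

/* Hypothetical stand-ins for the session list and the counters in ctx. */
struct sess { struct sess *newer; };
struct cache {
    struct sess *head, *tail; /* head = newest, tail = oldest */
    long num_items;           /* what SSL_CTX_sess_number() reports */
    long max_size;            /* limit in sessions, not bytes */
    long cache_full;          /* models ctx->stats.sess_cache_full */
};

/* Add one session, then trim from the tail the way the quoted loop does. */
static int cache_add(struct cache *c)
{
    struct sess *s = calloc(1, sizeof *s);
    if (s == NULL) return 0;
    if (c->head) c->head->newer = s; else c->tail = s;
    c->head = s; c->num_items++;
    if (c->max_size > 0)                /* 0 skips trimming entirely */
        while (c->num_items > c->max_size) {
            struct sess *old = c->tail; /* >= 1 item always remains */
            c->tail = old->newer;
            free(old);
            c->num_items--;
            c->cache_full++;
        }
    return 1;
}

/* Cache n sessions under max_size; return resident bytes, report evictions. */
static long simulate(long max_size, long n, long sess_bytes, long *evicted)
{
    struct cache c = { .max_size = max_size };
    for (long i = 0; i < n && cache_add(&c); i++) { }
    *evicted = c.cache_full;
    long resident = c.num_items * sess_bytes;
    while (c.tail) { struct sess *o = c.tail; c.tail = o->newer; free(o); }
    return resident;
}

int main(void)
{
    long ev, b = simulate(CACHE_MAX_SIZE_DEFAULT, 30000, 1024, &ev);
    printf("default limit: %ld bytes resident, %ld evicted\n", b, ev);
    b = simulate(0, 30000, 1024, &ev);
    printf("limit 0: %ld bytes resident, %ld evicted\n", b, ev);
    return 0;
}
```

In a real application the per-context limit is set with SSL_CTX_sess_set_cache_size(), so the resident memory bound is that session count multiplied by the largest session the deployment produces.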