RE: [ssl-users] Reuse of crypto information between SSL connections

Mon, 27 Apr 1998 03:46:58 -0400 



On Monday, April 27, 1998 3:55 PM, Holger Reif 
[SMTP:[EMAIL PROTECTED]] wrote:
> > I am implementing a HTTPS client software using SSLeay 0.8.1, which
> > "talks" to secure web servers.
> > 
> > Now I am trying to optimize the performance, and it looks like
> > generating of "handshake" for each time I access the same server
> > is an overhead, and there should be a way to reuse the crypto
> > information  between the requests, so that after the first time
> > only encryption and decryption of HTTP information will be performed.
> > 
> > So, I have a few questions:
> > 
> > * Is that possible at all with SSLeay?
> 
> Yes. Look for the session cache.

        Use the SSL_copy_session_id() defined in ssl.h;         <= This was valid in 
0.6.6
                                                                      is it still ?
> > * Is that true that the handshake and keys generation is done 
> >   upon the call to SSL_connect() ?
> > 
> > * How can I reuse the "active" handshake information?
> >   Where is it stored?
> > 
> > * Is there any way to know whether this information is still valid
> >   for the server (I guess the server's policy will be invalidation
> >   after some timeout...) ?
> 
> Not directly. But if the server discarded the information it will
> not accept the session id and SSleay will generate a fresh key.
> 
> > * Is Keep-Alive option in HTTP (reuse of the same socket for the
> >   connection) actually required to do the trick I want to, or is it
> >   possible to do that without Keep-Alive?
> 
> Works without Keep-Alive too.
> 
> > Thanks in advance,
> > 
> > Max.
> > Software Developer - Mercury Interactive Israel
> > [EMAIL PROTECTED] or [EMAIL PROTECTED]
> 
> -- 
> read you later  -  Holger Reif
> ------------------------------------ Signaturprojekt Deutsche Einheit
> TU Ilmenau - Informatik - Telematik                (Verdamp lang her)
> [EMAIL PROTECTED]          Alt wie ein Baum werden, um ueber
> Remus.PrakInf.TU-Ilmenau.DE/Reif/    alle 7 Bruecken gehen zu koennen
> +-------------------------------------------------------------------------+
> | Administrative requests should be sent to [EMAIL PROTECTED] |
> | List service provided by Open Software Associates, http://www.osa.com/  |
> +-------------------------------------------------------------------------+
> 
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/  |
+-------------------------------------------------------------------------+

Reply via email to