> -----Original Message-----
> From: sajualways
>
> Openssl "s_server" is allowing Session Reuse on the same tcp connection

Yes, of course. Why not? The ssl protocol is taking place on a higher OSI level than tcp, so it doesn't matter whether it's the same or a different tcp connection.

> When a second client hello is sent with "session id" of first handshake it
> is reusing i.e it is doing a session resumption instead it should do
> "Renegotiation"

By sending an ssl session id, your client tells the server to resume that ssl session. If your client doesn't want to resume any ssl session, but start a new one and thus undergo a full handshake, then simply make it not send an ssl session id.

HTH,
Patrick Eisenacher