"Ralf S. Engelschall" <[EMAIL PROTECTED]> writes:
> Another update is available before new features will be introduced (in 2.2.8):
> mod_ssl 2.2.7 for Apache 1.3.6. This version mainly contains support for the
> MSIE client workaround. Additionally some memory leaks were fixed. The next
> version (2.2.8) will introduce shared memory support for EAPI together with a
> high-performance shared memory based session cache (is already implemented and
> works fine, but needs some more cleanups and testing).
Would you be willing to comment on this "shared memory support for EAPI
together with a high-performance shared memory based session cache"? Are
you referring to the SSL session cache when you say "shared memory based
session cache"? Will there be just one shared memory pool, or will there be
a shared memory pool per module? Unless there is some standard way to come
up with session id's then there is the possiblity that modules could use
the same session id within the same pool which would be bad. Which leads me
to beleive that it would be nice to have a "tighter integration" between
other modules, "the session cache" and the SSL session id. Since there is a
good amount of assurance that this SSL session id cannot be spoofed unlike
other methods based on cookies or some such thing. Recent events not with
standing.
Much Thanks,
Tom
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
