I am trying to determine a good length for SSL Session timeouts. It appears
the default cache length is 5 minutues, but if the session is reused within
those five minutes, its timeout is renewed to five minutes, and so on.
What I can't find is whether there is a global maximum number of
times/length of time you can use a given SSL session, and/or where to set
that. It might be browser-specific, I don't know.
Is it possible to set the maximum length that a SSL session can live? say
one hour, with expiry in the default 5 minutes if no reuse?
J
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
