What type of proxy are you referring to? Topologically,
where would the proxy have to be located, on the client's
network or could it be anywhere in front of the ssl server?
>> So that's what I'm looking to do; force a new ClientHello
>> using a cached session_id to a new fqdn. Actually,
>> the new fqdn in the resumed session is the front
>> end of a gated network. The ultimate destination is the
>> same SSL server. Another way to think of it is I'm trying
>> to force the resumed session to take a new route which
>> is controlled via name resolution.
>
> The browser is able to do something like that when proxies are involved.
> The browser is able to decouple the information about the SSL session from
> the IP address of the proxy. But this happens only when it is aware of the
> proxy.
--
Jack Varga SMTS 303.413.8800 x1082 wk
[EMAIL PROTECTED]
Boulder, Colorado
