Outputs from SSLDump with Mozilla and various other browsers(ie IE,Opera
etc....) revealed the following facts:
In case of a HTTPS request for a web site with say 4 gifs, mozilla opens up 4
TCP connections and do the SSL handshake including the clientkeyexchange,
server certificates .... for each one of them.
While other browsers like IE 5 or opera 5, open up 1 TCP connection and do a
complete SSL handshake on it... and then these browsers reuse use the session
id and negotiated values of this first TCP session for the other 3
connections which are opened for each gif ( for the other 3 TCP connections
it only performs HELLO and CHANGECIPHERSPEC protocol ).
This approach adds to performance in terms of the size of bandwidth and time.
I just wonder........ why mozilla is doing it differently as the resuse of
negotiated keys would result less turnaround time.
I am not able to figure out the reason for this anomolus behaviour.
Any thoughts ....or findings...
Moreover while closing these secure connections in case of Mozilla, web
server(Apache) doesnot send an Alert whereas it do sends an alert in case of
other browser.
Has somebody else observed similar behaviour ............
--Subhash
____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=1
