> > In my last question I mentioned existing connections on a session that
> > has had its master secret changed must continue to use the values
> > generated from the old master secret. Is this true or does OpenSSL get
> > all the connections to change their bulk cipher keys and IVs?
>
> The way I read the SSL spec, the client can only send a previous
> session ID in its client hello message if it wants to reuse the
> same security parameters. I.e. it behooves the client to use another
> session ID in this case.

I must admit, I just assumed a connection could force an existing
session to renegotiate its parameters. You made me look for a more
precise definition of what can happen in the spec. In section 5.6.1.2
(client hello message) of SSLv3 (rev2):

    The client hello message includes a variable length session identifier.
    If not empty, the value identifies a session between the same client and
    server whose security parameters the client wishes to reuse (i). The
    session identifier may be from an earlier connection, this connection or
    another currently active connection. The second option is useful if the
    client only wishes to update the random structure and derived values of
    a connection (ii), ...

i) I think it means the cipher suite should not change
ii) but the connection bulk cipher keys and IVs etc must be these
derived values.

So my reading is that you can't change the cipher spec in use for a
session but each connection can use the handshake to change its own
bulk cipher parameters.

Any thoughts?
--
Regards,
David Taylor
Forge Research
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
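
The mechanism discussed in the message above, as an added example (not part of the original thread and not OpenSSL's code): the SSLv3 key-block expansion takes the session's master secret together with the hello randoms of the current handshake, so a connection that reuses a session ID keeps the master secret but derives its own bulk cipher keys and IVs. The 3DES/SHA-1 sizes and all byte values below are constructed for illustration.

```python
import hashlib

# Assumed suite sizes (3DES-EDE-CBC with SHA-1 MAC), chosen for illustration.
MAC_LEN, KEY_LEN, IV_LEN = 20, 24, 8
FIELDS = [
    ("client_write_MAC_secret", MAC_LEN), ("server_write_MAC_secret", MAC_LEN),
    ("client_write_key", KEY_LEN), ("server_write_key", KEY_LEN),
    ("client_write_IV", IV_LEN), ("server_write_IV", IV_LEN),
]

def ssl3_key_block(master_secret, server_random, client_random, length):
    """SSLv3 expansion: MD5(ms + SHA1(label + ms + SR + CR)) for the
    labels 'A', 'BB', 'CCC', ... concatenated until enough bytes exist."""
    out = b""
    i = 0
    while len(out) < length:
        label = bytes([ord("A") + i]) * (i + 1)
        inner = hashlib.sha1(
            label + master_secret + server_random + client_random).digest()
        out += hashlib.md5(master_secret + inner).digest()
        i += 1
    return out[:length]

def connection_keys(master_secret, server_random, client_random):
    """Partition the key block into the per-connection secrets."""
    total = sum(size for _, size in FIELDS)
    block = ssl3_key_block(master_secret, server_random, client_random, total)
    keys, offset = {}, 0
    for name, size in FIELDS:
        keys[name] = block[offset:offset + size]
        offset += size
    return keys

# Constructed sample values: one session (one master secret), two connections.
MASTER_SECRET = bytes(range(48))
FIRST = connection_keys(MASTER_SECRET, b"\x01" * 32, b"\x02" * 32)
# Resumed handshake: same session ID and master secret, fresh hello randoms.
RESUMED = connection_keys(MASTER_SECRET, b"\x03" * 32, b"\x04" * 32)

if __name__ == "__main__":
    for name, _ in FIELDS:
        same = FIRST[name] == RESUMED[name]
        print(f"{name:24s} unchanged across resumption: {same}")
```
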