Holger Reif wrote:
> Sean Walker schrieb:
> > We are writing both client and server applications
> > and so have complete control over the design. What would be a good means
> > of generating a "session based" key?
>
> Perhaps you should ask for a better definition of "session based" first.
>
> > I believe that I would have to
> > disable key caching on the server, correct?
>
> You have to disable *session* caching on the server. Thus for every new
> connect a full SSL handshake is excercised and new key material for this
> connection is generated.
Unless they meant (as I suspect they did) that you should _enable_
session caching!
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
