> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Michael Voucko > Sent: Thursday, November 18, 1999 11:10 AM > To: [EMAIL PROTECTED] > Subject: Re: Use of Random Bytes from Client and Server > > > Harry Whitehouse wrote: > > > > Micheal, Rene, Nicholas! > > > > Thanks for all of the good information! > > > > So in a resumable SSL session, the information "retained" by > the server is > > the pre-master secret and some unique session ID, right? > > > > Your responses suggest that if you did not have a resumable session (for > > instance, the transaction consisted of a single datagram from > the client and > > a single response from the server), the random bytes would be > of little or > > no value. IOW, a situation where the pre-master secret was > used for one and > > only one session, would probably not benefit from the random bytes? > > > > Best > > That's right. But as adding theses randoms while calculating the > keymaterial does not add much overhead. So using the randoms introduces > no performance penalty. If you think of protocols like HTTP which uses a > lot of connections within one single session you don't have to do the > time consuming authentication steps for every new request which is vital > feature at least on the server side if you need to authenticate the > client. Be careful when using fixed DH and client auth with an implicit Yc value. (Assuming the DH parameter matches). In this case the rnd values are necessarily. Regards Rene -- ----------------------------------------------------------- Rene G. Eberhard Mail : [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
