> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Michael Voucko
> Sent: Thursday, November 18, 1999 11:10 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Use of Random Bytes from Client and Server
>
>
> Harry Whitehouse wrote:
> >
> > Micheal, Rene, Nicholas!
> >
> > Thanks for all of the good information!
> >
> > So in a resumable SSL session, the information "retained" by
> the server is
> > the pre-master secret and some unique session ID, right?
> >
> > Your responses suggest that if you did not have a resumable session (for
> > instance, the transaction consisted of a single datagram from
> the client and
> > a single response from the server), the random bytes would be
> of little or
> > no value.  IOW, a situation where the pre-master secret was
> used for one and
> > only one session, would probably not benefit from the random bytes?
> >
> > Best
>
> That's right. But as adding theses randoms while calculating the
> keymaterial does not add much overhead. So using the randoms introduces
> no performance penalty. If you think of protocols like HTTP which uses a
> lot of connections within one single session you don't have to do the
> time consuming authentication steps for every new request which is vital
> feature at least on the server side if you need to authenticate the
> client.

Be careful when using fixed DH and client auth with an implicit Yc
value. (Assuming the DH parameter matches).
In this case the rnd values are necessarily.

Regards Rene

--
-----------------------------------------------------------
Rene G. Eberhard
Mail  : [EMAIL PROTECTED]

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to