> > Does anyone know how can the encryption key used to > > secure SSL communication be changed/rotated over a > > long-lived (hours to days) SSL connection to prevent > > sniffers from deciphering the key by analyzing a > > arge amount of traffic?
> Look at SSL_renegotiate() and SSL_renegotiate_pending() Depending on exactly what you're doing, BIO_set_ssl_renegotiate_timeout and/or BIO_set_ssl_renegotiate_bytes may be more useful. See: http://www.openssl.org/docs/crypto/BIO_f_ssl.html DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
