On 4 Nov 2011, at 7:12 AM, Mr.Rout wrote:

> Can anybody please let me know "what is the difference between TLS
> Connection and TLS Session ?

If a client makes a connection to a server it has previously connected to, it can re-use the cryptographic parameters (such as the initial session key / "master secret") from its last connection instead of negotiating them again. This is "session resumption"; see the section of RFC2246 that Richard Könning referred to.

> How many TLS Session would be there in one TLS Connection? For each TCP
> connection how many TLS Connection and TLS Session would be there ?

Each TCP connection only has one TLS connection, and each TLS connection only has one TLS session. However, later connections can re-use (resume) an earlier session for efficiency. The PKC operations to establish a shared session key only have to be done once, when the session is first created.

On 4 Nov 2011, at 9:44 AM, Mr.Rout wrote:

> I am seeing that "for one TCP connection my TLS client is doing 4
> handshakes". I don't know what is the reason for this.
> But when I see the packet capture I see "TLSv1: [TCP Previous segment lost]
> Ignored Unknown" & "TLSv1: Encrypted Alert".

I don't know what's happening in that packet trace. Is it possible that the connection is being dropped and the client is reconnecting (resulting in a new client hello, etc., as it sets up the new TLS connection for the new TCP connection)? If the number in parentheses is the client's port number, then that's what's happening.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
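The connection/session distinction discussed in this thread can be observed with the openssl command-line tool. The script below is an added example, not part of the original messages: it opens two separate TCP/TLS connections to a local test server and reports whether each one created a new session or resumed the saved one. Assumptions: the `openssl` binary is installed, loopback port 14433 is free, and the certificate is a throwaway self-signed one generated for this test.

```shell
#!/bin/sh
# Two TLS connections, one TLS session: the second connection resumes the
# session created by the first. Constructed local setup (throwaway cert,
# loopback port); nothing here comes from the original thread.

resumption_demo() {
    port=${1:-14433}                      # assumed-free loopback port
    dir=$(mktemp -d) || return 1

    # Throwaway self-signed certificate for the local test server.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=localhost" \
        -keyout "$dir/key.pem" -out "$dir/cert.pem" >/dev/null 2>&1 || return 1

    # -www makes s_server answer on its own instead of reading our stdin.
    # TLS 1.2 is pinned so the session is established during the handshake
    # itself (in TLS 1.3, session tickets arrive after the handshake).
    openssl s_server -accept "$port" -cert "$dir/cert.pem" -key "$dir/key.pem" \
        -tls1_2 -www >/dev/null 2>&1 &
    srv=$!
    sleep 1

    # Connection 1: full handshake (public-key operations); save the session.
    openssl s_client -connect "127.0.0.1:$port" -tls1_2 \
        -sess_out "$dir/sess.pem" </dev/null >"$dir/first.txt" 2>&1 || true

    # Connection 2: a new TCP connection that offers the saved session.
    openssl s_client -connect "127.0.0.1:$port" -tls1_2 \
        -sess_in "$dir/sess.pem" </dev/null >"$dir/second.txt" 2>&1 || true

    kill "$srv" 2>/dev/null || true
    wait "$srv" 2>/dev/null || true

    # s_client prints "New, TLSv1.2, Cipher is ..." for a full handshake and
    # "Reused, TLSv1.2, Cipher is ..." when the session was resumed.
    first=$(grep -E -o '^(New|Reused)' "$dir/first.txt" | head -n 1)
    second=$(grep -E -o '^(New|Reused)' "$dir/second.txt" | head -n 1)
    rm -rf "$dir"
    echo "$first $second"
}

# Usage: resumption_demo [port]
# prints "New Reused" when the second connection resumed the session
```

A result of "New New" means the server declined the offered session and both connections ran a full handshake, which is also what a client that keeps reconnecting without a cached session would show in a capture.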