[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [iaik-ssl] SSL socket reuse (Session ID )



Hello,
 
when connecting to the same server, in any case session resuming only can take place as soon as the first handshake has been
fully finsihed.
 
Regards,
Dieter Bratko
-----Ursprüngliche Nachricht-----
Von: iaik-ssl-owner@iaik.tu-graz.ac.at [mailto:iaik-ssl-owner@iaik.tu-graz.ac.at]Im Auftrag von Steve Wang
Gesendet: Mittwoch, 10. Oktober 2001 00:00
An: iaik-ssl@iaik.at
Betreff: [iaik-ssl] SSL socket reuse (Session ID )

Hi all,
 
We are using IAIK JCE/SSL and have the following issue: when 2 Java threads
(using IAIK JCE/SSL) try to reuse the same existing SSL session ID to connect
the same SSL server (which is also based on IAIK JCE/SSL) in parallel, it takes
almost the same time as if these 2 are new connections.
 
The debug printout is as follows:
    ssl_debug(42): Starting handshake (iSaSiLk 3.03)...
    ssl_debug(42): Sending v3 client_hello message, requesting version 3.0...
    ssl_debug(42): Trying to resume session 19:EA:48:EC:B8:D8:D7:46...
    ssl_debug(43): Starting handshake (iSaSiLk 3.03)...
    ssl_debug(43): Sending v3 client_hello message, requesting version 3.0...
    ssl_debug(43): Trying to resume session 19:EA:48:EC:B8:D8:D7:46...
 
After this, it takes 1 and half minutes (almost the same time to establish a new connection)
for the program to print out the following information
    ssl_debug(42): Received v3 server_hello handshake message.
    ssl_debug(42): Server selected SSL version 3.0.
    ssl_debug(42): Server also wants to resume a previous session.
    ssl_debug(42): Continuing with CipherSuite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
    ssl_debug(42): Continuing with CompressionMethod: NULL
    ssl_debug(42): Received change_cipher_spec message.
    ssl_debug(42): Received finished message.
    ssl_debug(43): Received v3 server_hello handshake message.
    ssl_debug(43): Server selected SSL version 3.0.
    ssl_debug(43): Server also wants to resume a previous session.
    ssl_debug(43): Continuing with CipherSuite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
    ssl_debug(43): Continuing with CompressionMethod: NULL
    ssl_debug(43): Received change_cipher_spec message.
    ssl_debug(43): Received finished message.
    [cut]
 
We also observed that if we run the 2 handshakes sequentially, it is even faster.
Has anybody encountered this problem before? Any suggestions?
Thanks,
 
Steve