[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] Further Observations; How to prevent storage of SSL session information?



The problem seems to be more serious than what has been said below. If you
have a SSL session going on in a Netscape Navigator window, you can open
any number of additional windows with SSL sessions without any
authentication.

or You cannot simultaneously access two different secure pages on the
JigsawSSL server which require different certificates.

-bharath

On Wed, 10 Nov 1999, Bharath Vutukuru wrote:

> HI,
> 
> I've installed IAIK-JigsawSSL with mandatory client authentication. I
> observe that once I establish a SSL session , the state is being stored.
> That is, after I visit other websites, if I come back to my JigsawSSL web
> page, client authentication is not being asked and information from
> previous session is being used to continue the SSL connection.
> How do I prevent this?? How can I make the JigsawSSL server ask for
> client-authentication everytime I access a secure webpage on it??
> 
> Thanks in advance
> -bharath
> 
> 
> 

--
Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-jce/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the folowing content: UNSUBSCRIBE iaik-jce