[16897] in cryptography@c2.net mail archive
Re: TLS session resume concurrency?
daemon@ATHENA.MIT.EDU (Victor Duchovni)
Wed Feb 16 08:05:06 2005
X-Original-To: cryptography@metzdowd.com
Date: Fri, 11 Feb 2005 14:00:10 -0500
From: Victor Duchovni <Victor.Duchovni@MorganStanley.com>
To: cryptography@metzdowd.com
Mail-Followup-To: cryptography@metzdowd.com
In-Reply-To: <22123.38.119.128.203.1108139476.squirrel@webmail3.pair.com>
On Fri, Feb 11, 2005 at 11:31:16AM -0500, Tim Dierks wrote:
> On Thu, 10 Feb 2005 15:59:04 -0500, Victor Duchovni
> <Victor.Duchovni@morganstanley.com> wrote:
> > If the symmetric cypher is fully re-keyed when sessions are resumed
> > while avoiding the fresh start PKI overhead, then life is simple
> > and sessions can be re-used unmodified. Otherwise I may need to
> > ponder on designs for a multi-valued cache.
>
> I don't fully understand how you phrased the question in the two deleted
> paragraphs, but this one accurately describes the SSL/TLS session cache:
> it holds a shared secret derived from the original key exchange. For each
> connection, completely new encryption & authentication keys are derived
> from this shared secret and per-connection random nonces provided by each
> party. One session can be safely reused for many connections, either
> serially or in parallel. The session cache is also write-once: starting a
> new connection from a session needn't update the cached secret or other
> parameters.
>
Thanks, this is very useful. This means that the Postfix session cache
does not need multiple cached sessions per end-point. That makes TLS
session management much easier. A single initial session can be re-used
by overlapping subsequent deliveries.
--
Victor Duchovni
IT Security, Morgan Stanley
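
An added illustration of the per-connection key derivation described in the quoted reply; it is not part of the original thread and is not code from Postfix or any TLS library. It uses the TLS 1.2 PRF (RFC 5246) as the concrete derivation, and the cache class, endpoint name and master secret value are constructed for the example.

```python
import hashlib
import hmac
import os


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash expansion from RFC 5246 section 5, using HMAC-SHA256."""
    out, a = b"", seed                                     # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()   # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def key_block(master_secret: bytes, client_random: bytes,
              server_random: bytes, length: int = 72) -> bytes:
    """key_block = PRF(master_secret, "key expansion", server_random + client_random).
    72 bytes covers, for example, two 20-byte MAC keys and two 16-byte cipher keys."""
    seed = b"key expansion" + server_random + client_random
    return p_sha256(master_secret, seed, length)


class SessionCache:
    """Hypothetical single-valued cache: one session per endpoint, write-once."""

    def __init__(self):
        self._store = {}

    def put(self, endpoint: str, master_secret: bytes) -> None:
        self._store.setdefault(endpoint, master_secret)    # never overwritten

    def get(self, endpoint: str) -> bytes:
        return self._store[endpoint]


def resume(cache: SessionCache, endpoint: str) -> bytes:
    """Resume a session: read the cached secret, exchange fresh nonces, derive keys."""
    master_secret = cache.get(endpoint)
    client_random, server_random = os.urandom(32), os.urandom(32)
    return key_block(master_secret, client_random, server_random)


if __name__ == "__main__":
    cache = SessionCache()
    cache.put("mx.example.net:25", b"\x11" * 48)           # constructed 48-byte secret
    k1 = resume(cache, "mx.example.net:25")                # two overlapping deliveries
    k2 = resume(cache, "mx.example.net:25")
    print("distinct keys:", k1 != k2)
    print("cache unchanged:", cache.get("mx.example.net:25") == b"\x11" * 48)
```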