30 Oct
2004
30 Oct
'04
7:28 a.m.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Saturday 30 of October 2004 01:16, Ramin Ali Dousti wrote:
You're right in that I don't have persistent TCP connection. I just want to make sure that the SSL handshake does not take place with every short-lived connection.
You don't want to negotiate new keys for every connection, right?
In SSL there's a mechanism for it called "session cache". In stunnel you can increase the timeout for session cache with "session" option (on both client and sever). Just set it to a very high value (a month? a year?). The default is 300 seconds (5 minutes).
Best regards, Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBg0Kf/NU+nXTHMtERAl0mAKDODCg+9LwUVoBfx+i6ou7iYmjgcQCfYprS
Mv3KKdhQTUcs81yIw/KNT70=
=NWHN
-----END PGP SIGNATURE-----