On 30/09/18 06:05, John Jiang wrote: > Now that full handshake sends two sessions, does that mean option > -sess_out saves both of the sessions to a local file? The last session received is the one in the sess_out file. Matt > If so, when resume session via option -sess_in, which session will be > resumed? > > On Sun, Sep 30, 2018 at 11:47 AM Benjamin Kaduk via openssl-users > <openssl-users@xxxxxxxxxxx <mailto:openssl-users@xxxxxxxxxxx>> wrote: > > s_client has -sess_out and -sess_in options that can be used > to save session information to a file and read it in for a subsequent > connection. Neither is used by default. > > -Ben > > On Sun, Sep 30, 2018 at 11:06:14AM +0800, John Jiang wrote: > > Does s_client resume any session in the local session file? > > > > On Sun, Sep 30, 2018 at 3:19 AM Salz, Rich via openssl-users < > > openssl-users@xxxxxxxxxxx <mailto:openssl-users@xxxxxxxxxxx>> wrote: > > > > > > > > - The debug logs display two "SSL-Session" blocks in a full > handshake. > > > > > > Only one "SSL-Session" block is displayed in a resumption. > > > > > > Why does full handshake has two sessions? > > > > > > > > > > > > This is part of the TLS 1.3 standard. A server can send back > multiple > > > sessions, so that a client may resume with a different session, and > > > therefore prevent an observer from “linking” two different > activities. > > > -- > > > openssl-users mailing list > > > To unsubscribe: > https://mta.openssl.org/mailman/listinfo/openssl-users > > > > > > -- > > openssl-users mailing list > > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
