Jean-Marc Desperrier wrote, On 2009-03-18 02:50: > Robert Relyea wrote: >> [...] At the >> cost of about 20 bytes per client you would rather chew up CPU and >> network resources? > > It's very far from being that small usually. It can't be that small if > client authentication is used. > > There's an extension to TLS to offset the cost to the client (the server > sends him the encrypted content of the session cache, and the client > sends it back when he needs to reopen the session).
Yes, and it's supported in NSS in FF 3.0 But servers that support it are still rare beasts. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
