2010/3/11 Robert Relyea <rrel...@redhat.com>: > > The Microsoft thing is also non-standard. (and also not well documented > -- which version of IE did it show up in?).
I found it documented at http://msdn.microsoft.com/en-us/library/ms536979(VS.85).aspx and that MSDN page says it showed up in IE6 SP1. > You are right, we need a way > to clear out the SSL cache. I know NSS provides a way to clear out the > whole SSL cache. Ideally we should have a way to clear out just the > 'current' SSL session without requiring new handshakes on connections > with other servers. NSS has a SSL_InvalidateSession function, but it takes an SSL FD as the argument. I think we need a new function to invalidate a session by name. This will allow us to invalidate an SSL session when we no longer have an open SSL connection (represented by an SSL FD) to the server. Wan-Teh -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
