DO NOT REPLY [Bug 44285] ssl.SessionId Cache Control

bugzilla Tue, 25 Nov 2008 06:38:00 -0800

https://issues.apache.org/bugzilla/show_bug.cgi?id=44285



Patrick Coomans <[EMAIL PROTECTED]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[EMAIL PROTECTED]
                   |                            |gement.be




--- Comment #3 from Patrick Coomans <[EMAIL PROTECTED]>  2008-11-25 06:37:08 
PST ---
This bug also generates a security breach when mutual SSL authentication is
used with a certificate on a smartcard. When the card is removed from the
computer, the session still continues. Changing this sslSessionTimeout to a low
value would allow the application to detect card removal.


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 44285] ssl.SessionId Cache Control

Reply via email to