[cryptography] SSL session resumption defective (Re: What project would you finance? [WAS: Potential funding for crypto-related projects])

Paul Hoffman paul.hoffman at vpnc.org
Tue Jul 2 17:02:24 EDT 2013


On Jul 2, 2013, at 1:52 PM, Ben Laurie <ben at links.org> wrote:

> Alternatively, we stay in this world, clients expire sessions hourly,
> and we're all happy.

Is this what most recent browsers do? They expire their TLS sessions after an hour? That would be nice.

--Paul Hoffman


More information about the cryptography mailing list