Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8229149

SSLSession.getId() always returns the TLS record session id

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved
    • P3
    • Resolution: Duplicate
    • 13, 14
    • None
    • security-libs
    • None

    Description


      SSLSession.getID() will return the current TLS record session id when using stateless resumption. For TLS 1.2 using stateless, this maybe more of an issue as resumption has always used the previous session ID. However, if the client resumes with the previous session ID, the server reply with that ID. This may change to be consistent a future release.

      Attachments

        Issue Links

          duplicates

          Sub-task - The sub-task of the issue JDK-8245576 Distributed TLS sessions implementation

          • P2 - Crashes, loss of data, severe memory leak.
          • In Progress
          relates to

          Enhancement - null JDK-8211018 Session Resumption without Server-Side State

          • P3 - Major loss of function.
          • Resolved

          Activity

            People

              ascarpino Anthony Scarpino
              ascarpino Anthony Scarpino
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: