nginx and ephemeral Diffie-Hellman keys

Jauder Ho lists at ruby-forum.com
Sat Jun 14 00:53:29 MSD 2008


Looking at the RFC text, if nginx sends TLS close notify, and does not 
wait, does it reuse the session?

The other test case would be of premature close (if client closes 
connection without sending alert), session must be abandoned and not 
reused.



Igor Sysoev wrote:
> On Fri, Jun 13, 2008 at 01:55:21PM +0200, Jauder Ho wrote:
> 
>> On a separate note, in testing with 
>> http://www.serversniff.net/sslcheck.php
>> 
>> It is noted that nginx only partially supports TLS closures. See section 
>> 2.2 of http://tools.ietf.org/html/rfc2818
> 
> I do not know what they means under partially support of TLS closures,
> however, nginx sends TLS close notify alert, but does not wait it from
> client because many browsers including MSIE does not send this alert.

-- 
Posted via http://www.ruby-forum.com/.





More information about the nginx mailing list