pierre
Posted March 28, 2018 (edited)

Hello,

I am working around the HTTPS protocol. I made two requests with my web browser:
1- request the login page
2- send my credentials to the server

I was inspecting my network mark, but I discovered that the HTTPS handshake is made each time the client (web browser) makes a web request. As you can see:

Is it normal behaviour? Isn't making a new secret primary key each time too weighty? I thought only one primary key was created at the outcome of the handshake and then used each time a new web request was made.

Feel free to explain it to me :)

Thanks

Edited March 28, 2018 by pierre

PoSHMagiC0de
Posted March 28, 2018

I am trying to type this on my phone, so bear with me.

That is normal. Keys are valid per TCP session, or per number of bytes sometimes. They are always per session, which is not the same as your web session. TCP sessions end when FIN is sent, or RST is sent. Pretty much, you getting the page is a session. You submitting/posting is another session. Each request is a new session, so new keys are built.

pierre (Author)
Posted March 29, 2018 (edited)

But the SSL session ID doesn't change between the two requests (even if I know you are talking about the TCP session ID):

I even get a warning message because the same session keys seem to be re-used!

But a new handshake is occurring, so why are the same session ID and key (symmetric primary key?) generated again to cipher the exchange?

Edited March 29, 2018 by pierre
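
The observation in the last post (a new handshake on each request, yet the same SSL session ID) can be checked directly from the two Hello messages. The following is an added example, not part of the original thread: it assumes TLS 1.2 or earlier, where a server that echoes the client's non-empty session ID is performing an abbreviated handshake that reuses the cached master secret (in TLS 1.3 the echoed field is only a compatibility value). The records are constructed sample bytes and all function names are hypothetical.

```python
"""Classify a TLS <= 1.2 handshake as full or resumed from the Hello session IDs."""

def hello_session_id(record: bytes):
    """Return (handshake_type, session_id) from a record carrying one Hello."""
    if len(record) < 9 or record[0] != 0x16:           # 0x16 = handshake record
        raise ValueError("not a TLS handshake record")
    body = record[5:5 + int.from_bytes(record[3:5], "big")]
    if len(body) < 4 or body[0] not in (1, 2):         # 1 = ClientHello, 2 = ServerHello
        raise ValueError("not a ClientHello/ServerHello")
    msg = body[4:4 + int.from_bytes(body[1:4], "big")]
    # Both Hellos start: version (2 bytes), random (32 bytes), session_id length (1 byte)
    if len(msg) < 35 or msg[34] > 32 or len(msg) < 35 + msg[34]:
        raise ValueError("truncated or malformed Hello")
    return body[0], msg[35:35 + msg[34]]

def classify(client_hello: bytes, server_hello: bytes) -> str:
    """Return "resumed" if the server accepted the offered session, else "full"."""
    ctype, offered = hello_session_id(client_hello)
    stype, chosen = hello_session_id(server_hello)
    if (ctype, stype) != (1, 2):
        raise ValueError("expected ClientHello then ServerHello")
    # An echoed, non-empty ID means the cached master secret is reused and
    # only the per-connection keys are re-derived from the fresh randoms.
    return "resumed" if offered and offered == chosen else "full"

def build_hello(hs_type: int, session_id: bytes, tail: bytes) -> bytes:
    """Build a constructed sample record (all-zero random, TLS 1.2 version bytes)."""
    msg = b"\x03\x03" + bytes(32) + bytes([len(session_id)]) + session_id + tail
    hs = bytes([hs_type]) + len(msg).to_bytes(3, "big") + msg
    return b"\x16\x03\x03" + len(hs).to_bytes(2, "big") + hs

# Constructed sample data, not captured traffic.
SID = bytes(range(32))
CLIENT_TAIL = b"\x00\x02\xc0\x2f\x01\x00"   # one cipher suite, null compression
SERVER_TAIL = b"\xc0\x2f\x00"               # chosen suite, null compression
# Request 1: client offers no ID, server assigns one (full handshake).
FIRST = (build_hello(1, b"", CLIENT_TAIL), build_hello(2, SID, SERVER_TAIL))
# Request 2: new TCP connection, client offers the cached ID, server echoes it.
SECOND = (build_hello(1, SID, CLIENT_TAIL), build_hello(2, SID, SERVER_TAIL))

if __name__ == "__main__":
    print("request 1:", classify(*FIRST))
    print("request 2:", classify(*SECOND))
```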