For a load balancing issue, I need to find out the typical SSL persistence behavior among browsers (and servers). What I’ve found out so far is that SSL 3.0 (onwards) has moved the session ID out of encryption, so load balancers can now take advantage of that session ID and implement sticky sessions. But one problem remains: after IE5+, Internet Explorer renews the SSL session every two minutes. I have yet to figure out the Firefox/Mozilla implementation for this, but it seems I cannot rely on the SSL session ID staying the same for a long period of time, which invalidates a sticky session implementation that depends on the session ID for SSL connections.
Related Links:
- http://www.ssl-technology.com/ssl_persistence.htm
- “At any time, due to internal or external stimulus (either automation or user intervention), either side may renegotiate the connection, in which case, the process repeats itself.” (Source: http://support.microsoft.com/kb/257591).
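
The following is an added example, not code from the original post: it reads the cleartext session ID from a hello record the way a load balancer would, and shows the sticky mapping being lost when the browser starts a new session. The class and function names are hypothetical, and the sample records are constructed.

```python
import struct

def session_id_from_hello(record: bytes) -> bytes:
    """Extract the cleartext session ID from an SSL 3.0/TLS hello record."""
    if len(record) < 5:
        raise ValueError("short record")
    ctype, _major, _minor, rec_len = struct.unpack("!BBBH", record[:5])
    body = record[5:5 + rec_len]
    # content type 22 = handshake; handshake type 1 = ClientHello, 2 = ServerHello
    if ctype != 22 or len(body) < 4 or body[0] not in (1, 2):
        raise ValueError("not a hello handshake record")
    off = 4 + 2 + 32  # handshake header, protocol version, random
    if len(body) <= off:
        raise ValueError("truncated hello")
    sid_len = body[off]
    sid = body[off + 1:off + 1 + sid_len]
    if sid_len > 32 or len(sid) != sid_len:
        raise ValueError("bad session ID length")
    return sid

class SslIdPersistence:
    """Hypothetical sticky table keyed on the SSL session ID."""
    def __init__(self, backends):
        self.backends, self.table, self.rr = list(backends), {}, 0

    def route(self, client_hello: bytes) -> str:
        sid = session_id_from_hello(client_hello)
        if sid in self.table:  # resumed session: stay on the same backend
            return self.table[sid]
        backend = self.backends[self.rr % len(self.backends)]  # else round robin
        self.rr += 1
        return backend

    def learn(self, server_hello: bytes, backend: str) -> None:
        sid = session_id_from_hello(server_hello)
        if sid:  # the server assigned an ID; remember which backend issued it
            self.table[sid] = backend

def make_hello(msg_type: int, sid: bytes) -> bytes:
    """Build a constructed sample hello record (SSL 3.0, zeroed random)."""
    tail = b"\x00\x02\x00\x0a\x01\x00" if msg_type == 1 else b"\x00\x0a\x00"
    body = b"\x03\x00" + bytes(32) + bytes([len(sid)]) + sid + tail
    hs = bytes([msg_type]) + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x00" + struct.pack("!H", len(hs)) + hs
```

A ClientHello that offers a known session ID stays on its backend; one that arrives with an empty ID, as happens when the browser discards its session, is balanced like a new client.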







Hi,
Most obviously you're quite wrong.
Comment by pollyHuber — April 17, 2007 @ 3:18 pm |
PollyHuber, can you explain? I may be wrong, but I want to find out where…
Comment by mozammel — April 17, 2007 @ 3:57 pm |
Peace people
We love you
Comment by HelloWorld — April 28, 2007 @ 4:44 pm |
very interesting, but I don’t agree with you
Idetrorce
Comment by Idetrorce — December 16, 2007 @ 7:26 am |
Correct. Using sslid to provide persistence sucks, as IE and Firefox renegotiate. The best way to do this is to use an SSL offload device along with cookie-based persistence. Otherwise you have to use source IP, which sucks.
Comment by bob — April 16, 2008 @ 3:20 am |