You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2008/11/25 15:37:09 UTC
DO NOT REPLY [Bug 44285] ssl.SessionId Cache Control
https://issues.apache.org/bugzilla/show_bug.cgi?id=44285
Patrick Coomans <pa...@identitymanagement.be> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |patrick.coomans@identitymana
| |gement.be
--- Comment #3 from Patrick Coomans <pa...@identitymanagement.be> 2008-11-25 06:37:08 PST ---
This bug also generates a security breach when mutual SSL authentication is
used with a certificate on a smartcard. When the card is removed from the
computer, the session still continues. Changing this sslSessionTimeout to a low
value would allow the application to detect card removal.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org