Closed
Bug 1499737
Opened 6 years ago
Closed 6 years ago
Expose information whether resumption token provided via SSL_SetResumptionToken was used
Categories
(NSS :: Libraries, enhancement, P2)
Tracking
(Not tracked)
RESOLVED
WONTFIX
3.41
People
(Reporter: michal, Unassigned)
References
(Blocks 1 open bug)
Details
Attachments
(1 obsolete file)
This information will be mostly used for telemetry to decide whether external token cache have any real positive effect. It can be also used to find optimal expiration time of the tokens, so we can keep the database as small as possible.
Updated•6 years ago
|
Comment 1•6 years ago
|
||
So I'm not sure if this is really the right approach here. Necko wants to be able to get data on whether a token was used or not on startup. Simple statistics on cache hits isn't enough because they have to know whether that first token was used. This is a pretty dumb implementation allowing that by registering a callback that tells an application when a token was used successfully and a function that compares two tokens. I'm open to other ideas...
Comment 2•6 years ago
|
||
Is it possible that the necko code can just check for the intersection of an external token being set and session resumption (using SSL_GetChannelInfo and SSLChannelInfo.resumed)?
Comment 3•6 years ago
|
||
(In reply to Martin Thomson [:mt:] from comment #2) > Is it possible that the necko code can just check for the intersection of an > external token being set and session resumption (using SSL_GetChannelInfo > and SSLChannelInfo.resumed)? That's what I thought at first as well. But after talking to Michal this didn't seem enough. Michal can you explain again?
Flags: needinfo?(michal.novotny)
Reporter | ||
Comment 4•6 years ago
|
||
(In reply to Franziskus Kiefer [:franziskus] from comment #3) > (In reply to Martin Thomson [:mt:] from comment #2) > > Is it possible that the necko code can just check for the intersection of an > > external token being set and session resumption (using SSL_GetChannelInfo > > and SSLChannelInfo.resumed)? > > That's what I thought at first as well. But after talking to Michal this > didn't seem enough. Michal can you explain again? IIRC, you were referring to SSL_GetStatistics which gives global stats and it's not possible to find out whether the token was used for a particular connection. If I can use SSLChannelInfo.resumed in nsSocketTransport::OnSocketConnected, then it's exactly what I was looking for.
Flags: needinfo?(michal.novotny)
Comment 5•6 years ago
|
||
Ok I close this one then. Michal, please re-open if you find that the info you get from the SSLChannelInfo or statistics is not enough.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
Updated•6 years ago
|
Attachment #9020750 -
Attachment is obsolete: true
You need to log in
before you can comment on or make changes to this bug.
Description
•