Class SSL.session

Description

The most important information in a session object is a choice of encryption algorithms and a "master secret" created by keyexchange with a client. Each connection can either do a full key exchange to established a new session, or reuse a previously established session. That is why we have the session abstraction and the session cache. Each session is used by one or more connections, in sequence or simultaneously.

It is also possible to change to a new session in the middle of a connection.

Variable identity: string SSL.session.identity
Description: Identifies the session to the server

Variable compression_algorithm: int SSL.session.compression_algorithm
Description: Always COMPRESSION_null.

Variable cipher_suite: int SSL.session.cipher_suite
Description: Constant defining a choice of keyexchange, encryption and mac algorithm.

Variable cipher_spec: .Cipher.CipherSpec SSL.session.cipher_spec
Description: Information about the encryption method derived from the cipher_suite.

Variable ke_method: int SSL.session.ke_method
Description: Key exchange method, also derived from the cipher_suite.

Variable master_secret: string SSL.session.master_secret
Description: 48 byte secret shared between the client and the server. Used for deriving the actual keys.

Variable cert_data: mapping SSL.session.cert_data
Description: information about the certificate in use by the peer, such as issuing authority, and verification status.

Variable peer_certificate_chain: array(string) SSL.session.peer_certificate_chain
Description: the peer certificate chain

Variable certificate_chain: array(string) SSL.session.certificate_chain
Description: our certificate chain