That is my point.
Session IDs themselves are public; namely they may be exchanged in the plain text as part of an initial TLS handshake. They are used for session resumption to look-up confidential (e.g. keying) information that should…
That is my point.
Session IDs themselves are public; namely they may be exchanged in the plain text as part of an initial TLS handshake. They are used for session resumption to look-up confidential (e.g. keying) information that should…