It is a little bit tricky, but I'd like to know if a SSL server serving two different common name can reuse the same SSL Session ID when these request actually point on different common name ? It is not somehting I try to do but something I've got on my network and I'd like to figure out. To clarify, let's assume a client makes two requests:
host_01.com and host_02.com have different IP addresses that could actually point on the same server. asked 04 Jan '16, 08:26  Shared Trash edited 04 Jan '16, 09:03 |
2 Answers:
From RFC 4346:
Thus it seems to me to be possible to get the same session ID for 2 different sessions, the server would have to differentiate the session ID's for each session as they will refer to a different session state. answered 04 Jan '16, 08:55  grahamb ♦ |
Do note that the Session ID is established by the server. It would be a bit silly for a server to send the same session identifier twice as that would associate different secrets to the same session ID. (The Client Random is also incorporated in the master secret calculation, hence the server cannot force the use of exactly the same master secret.) From RFC 5246 (TLS 1.2):
and:
Even if an attacker manages to capture the Session ID, he cannot send it to the server and impersonate the victim client as he does not posess master secret related to that session ID (see section F.1.4. Resuming Sessions for details). On a related topic, in 2014, Delignat-Lavaud and Bhargavan presented the Virtual Host confusion attack which makes it possible to redirect traffic to a different vhost. Another attack related to session resumption (from the same authors and Pironti) is the Triple Handshake Attack which makes it possible for an active attacker to intercept and modify traffic. answered 04 Jan '16, 13:28  Lekensteyn |
Thanks grahamb for your quick answser. But mod_ssl and other popular/common ssl modules don't usually do that, it may mean that owner of this server had written some specific code to do so ?