SSL session cache memory consumption
[217 byte] By [nemon1ca] at [2007-11-26 15:56:53] 
Hello,I am implementing a high availability application that uses SSL session caching. How much memory does it consume? I mean, is setting session cache size to unlimited a 'safe' option?Thanks.
# 1
Not for a server, limit it to something. It's in the server's interest to keep sessions few and short-lived, but conversely it's in the client's interest to keep sessions many and long-lived.
A 'session' object contains the master secret and the current session key, and references to the peer certificate chain.
ejpa at 2007-7-8 22:17:44 >
# 2
Well, for performance reason my aim is to keep the session cache as large as possible. So approximately how much memory does one session object consume, 2k? 4k?nemon1ca at 2007-7-8 22:17:44 >
# 3
Can't say in advance. It all depends on the master secret and session key lengths, which in turn depend on the cipher suite negotiated between the peers; it also depends on the lengths of certificate chains which again you can't know in advance. You'll have to measure and experiment.ejpa at 2007-7-8 22:17:44 >
Security New Topic
Security Hot Topic
Security
All Classified
- Archived Forums
- Enterprise & Remote Computing
- Java Essentials
- Desktop
- Core
- Solaris Operating System
- Security
- Database Connectivity
- Java Mobility Forums
- Web & Directory Servers
- Development Tools
- Application & Integration Servers
- Java HotSpot Virtual Machine
- Other Topics
- E-Mail, Calendar, & Collaboration
- Developer Tools
- General
- Administration Tools
- Sun Hardware
- Storage Forums
- Java Enterprise System
- StarOffice
- Open Source Technologies
- BigAdmin
- Real-Time
- Java Coding