RE: SSL, .NET, Web Services and Performance

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: [MSFT] (lukezhan_at_online.microsoft.com)
Date: 03/12/04

Next message: Jan Tielens: "Re: passing null values"
Previous message: sing: "Customizing proxy class"
In reply to: inge_at_norway.net: "SSL, .NET, Web Services and Performance"
Messages sorted by: [ date ] [ thread ]

Date: Fri, 12 Mar 2004 02:09:37 GMT

Hi Inge,

Thank you for using the community.

Regarding the question, with SSL, client and server will negotiate in a
session, not on every request. You may take a look at this article to see
if it can help to understand:

Description of the Secure Sockets Layer (SSL) Handshake
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q257591

Hope this help,

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Next message: Jan Tielens: "Re: passing null values"
Previous message: sing: "Customizing proxy class"
In reply to: inge_at_norway.net: "SSL, .NET, Web Services and Performance"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: [PHP] module and access rights
... I already started to use SSL, but i do not understand how to keep it ... application control it with information stored into DB and authorize user ... so a session is created and user is redirected to ... insisting that they login for every other request. ...
(php.general)
Re: SSL broken after Windows 2003 upgrade
... The svchost.exe you reference is "IIS". ... routes them to the appropriate w3wp.exe based on configuration from WAS ... WFetch can make both a normal SSL request as well as a Client-Certificate ...
(microsoft.public.inetserver.iis)
SSL and IPS (was RE: ssh and ids)
... How many simultaneous SSL sessions can be tracked?" ... I assume you're talking about a case in which the client constantly ... If you walk the possible session id space and ... The server chooses the session ID, ...
(Focus-IDS)
Re: Reality Check: Session Hijacking
... choice to force the visitor to accept session cookies to keep the session ... cookie is simply a cookie that dies when the browser is closed, ... Note that the visitor will not see the new URL in the browser (it still says ... implementing "if not SSL then unset isAuthenticated". ...
(comp.lang.php)
RE: Load balancing with NTLM or Basic authentication.
... The load balancer we’re going to use has the capability to be issue an SSL ... So it is able to maintain the SSL session with the client. ... application server. ... So our last piece of the puzzle was the issue of authentication. ...
(microsoft.public.inetserver.iis.security)