The most important information in a session object is a choice of encryption algorithms and a "master secret" created by keyexchange with a client. Each connection can either do a full key exchange to established a new session, or reuse a previously established session. That is why we have the session abstraction and the session cache. Each session is used by one or more connections, in sequence or simultaneously.
It is also possible to change to a new session in the middle of a connection.
- Variable cert_data
information about the certificate in use by the peer, such as issuing authority, and verification status.
- Variable certificate_chain
our certificate chain
- Variable cipher_spec
Information about the encryption method derived from the cipher_suite.
- Variable cipher_suite
Constant defining a choice of keyexchange, encryption and mac algorithm.
- Variable compression_algorithm
- Variable dsa
The server's dsa private key
- Variable identity
Identifies the session to the server
- Variable ke_method
Key exchange method, also derived from the cipher_suite.
- Variable master_secret
48 byte secret shared between the client and the server. Used for deriving the actual keys.
- Variable peer_certificate_chain
the peer certificate chain
- Variable rsa
The server's private key