Fast roaming support

Josh Howlett Josh.Howlett at
Wed Jan 9 09:29:47 CET 2008

> > Note that the RADIUS server needs to cache the MSK derived from the 
> > original TLS exchange; I am curious how the patch that got 
> submitted 
> > handled this...
>   It sets a flag in OpenSSL telling OpenSSL to cache the SSL 
> session contexts. :)

Ah, of course. FWIW, TTLSv0 has this to say about that:

   [Implementation note: Toolkits that implement TLS often cache 
   resumable TLS sessions automatically. Implementers must take care to 
   override such automatic behavior, and prevent sessions from being 
   cached for possible resumption until the user has been positively 
   authenticated during phase 2.] 


JANET(UK) is a trading name of The JNT Association, a company limited
by guarantee which is registered in England under No. 2881024 
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG

More information about the Freeradius-Devel mailing list