Reputation: 101
How long do FireFox, Chrome, Safari, and Opera cache SSL/TLS session keys?
To try to use a reason SSL/TLS session key timeout on the server-side, I'd like to know how long popular browsers cache session keys on the client.
Microsoft describes this information for Windows/IE here:
http://technet.microsoft.com/en-us/library/cc776467(WS.10).aspx
But, I haven't been able to find similar information for other popular browsers. Does anyone know? Thanks!
Upvotes: 6
Views: 5228
Answers (2)
Reputation: 1662
Google Chrome will never store session information on the disk so most expiration occurs because the user ends the process.
Otherwise, the session store is large enough to be (effectively) infinite for most users.
We don't delete session information when flushing user data (I believe), but we will delete it if we see certain sorts of handshake failures when connecting to the server. That's part of our general fallback for buggy servers which, dealing with the messy web, one is forced to do.
Upvotes: 2
Reputation: 6229
According to a very reliable source, this is how it is meant to work in Opera:
Sessions are stored until one of the following conditions occur:
1) server refuses connection (I'm translating this and am not an expert so this may be a bad choice of words)
2) user deletes private data
3) Opera is closed
Hope this gave you some of the information you were looking for.
Upvotes: 2
Related Questions
- How long are files usually kept in a browser's cache
- How long before a browser will automatically reset the SSL cache?
- How long google chrome and firefox cache DNS records
- Is data retrieved over SSL cached by the client browser?
- how long is javascript cached by default
- How long is an ssl session key valid? And how is it associated with a client?
- How long session stays on browsers?
- Inconsistent browser caching of session variables - any solutions?
- Do browsers vary cached content by protocol?
- Does the majority A-grade browsers cache content over https to disk?