Aha! Apache mod_ssl provides SSL_SESSION_ID, but not by default. So I just need to require SSL/TLS, and don't have to implement (or use anyone else's) schlocky session management.
Back to blog or home page
last updated 2012-02-17 15:02:35. served from tektonic.jcomeau.com