
Why would a client send a TLS session ID (96b839ce3aadb65780923d28a3e7e767fc5bddc507884a7e70e506d8b85a06d3) on its first visit to a server/website? My understanding is that the client would include a session ID in the ClientHello message to indicate to the server that it wants to resume a previous session. However, this wouldn't apply to a client's first visit. How is a TLS session ID generated? Is it a function of the cipher suites agreed upon/proposed by the client?

My client was a web browser on a desktop computer.

tshark output, viewed in Excel

user2205916
  • What client, what website, and what version of TLS? And are you sure it was the first visit? – Joseph Sible-Reinstate Monica Apr 17 '20 at 21:55
  • In particular if the client is TLS1.3 (if it is the server in your post must not be, because the server clearly isn't _agreeing_ 1.3, which no longer uses record types 12 14 and 22) see RFC8446 4.1.2 and D.4. – dave_thompson_085 Apr 18 '20 at 03:51
  • Does this answer your question? [Session ID in the very First Client Hello](https://security.stackexchange.com/questions/185779/session-id-in-the-very-first-client-hello) – Kien Truong Sep 21 '22 at 06:19
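
RFC 8446 sections 4.1.2 and D.4, cited in the comments, describe a TLS 1.3 client in compatibility mode filling the legacy session ID field with a new 32-byte value even when it has no session to resume. The following is an added example, not part of the original post or its comments: it parses a ClientHello handshake message (record header already stripped) and reports how the session ID field should be read. The function names, result labels and the sample-message builder are assumptions made for illustration.

```python
import struct

SUPPORTED_VERSIONS = 43            # extension type, RFC 8446 section 4.2.1
TLS12, TLS13 = 0x0303, 0x0304

def parse_client_hello(msg: bytes):
    """Return (session_id, offered_versions) from a ClientHello handshake message."""
    if len(msg) < 4 or msg[0] != 1:
        raise ValueError("not a ClientHello")
    body = msg[4:4 + int.from_bytes(msg[1:4], "big")]
    pos = 2 + 32                                          # legacy_version + random
    sid_len = body[pos]
    session_id = body[pos + 1:pos + 1 + sid_len]
    pos += 1 + sid_len
    pos += 2 + int.from_bytes(body[pos:pos + 2], "big")   # skip cipher_suites
    pos += 1 + body[pos]                                  # skip compression_methods
    versions = []
    if pos + 2 <= len(body):                 # extensions block is optional before 1.3
        end = pos + 2 + int.from_bytes(body[pos:pos + 2], "big")
        pos += 2
        while pos + 4 <= min(end, len(body)):
            ext_type, ext_len = struct.unpack_from("!HH", body, pos)
            data = body[pos + 4:pos + 4 + ext_len]
            if ext_type == SUPPORTED_VERSIONS and data:
                versions = [int.from_bytes(data[i:i + 2], "big")
                            for i in range(1, 1 + data[0], 2)]
            pos += 4 + ext_len
    return session_id, versions

def classify(msg: bytes) -> str:
    session_id, versions = parse_client_hello(msg)
    if not session_id:
        return "empty"                # nothing offered for resumption
    if TLS13 in versions:
        return "tls13-legacy-field"   # compat-mode filler or a cached pre-1.3 ID
    return "resumption-offer"         # pre-1.3 client presenting a cached session ID

def build_client_hello(session_id: bytes, versions) -> bytes:
    """Build a minimal constructed ClientHello (sample input, not a capture)."""
    ext = b""
    if versions:
        vlist = b"".join(v.to_bytes(2, "big") for v in versions)
        ext = struct.pack("!HHB", SUPPORTED_VERSIONS, len(vlist) + 1, len(vlist)) + vlist
    body = (b"\x03\x03" + bytes(range(32)) + bytes([len(session_id)]) + session_id
            + b"\x00\x02\x13\x01" + b"\x01\x00" + struct.pack("!H", len(ext)) + ext)
    return b"\x01" + len(body).to_bytes(3, "big") + body
```

The bytes on the wire do not distinguish a compatibility-mode filler from a cached pre-1.3 session ID, which is why both cases share the `tls13-legacy-field` label.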

0 Answers