Client certificate / SSL Cache - how exactly does it work?

[jonathan.r.anderson]

Does anyone know exactly how IE 6.0 SP2 (6.0.2900.2180) caches a client
certificate that a user has selected? Does it cache a selected
certificate per domain name, or is it based upon the SSL v3 Session ID?

Bottom line: under what conditions would IE6 negotiate a new session
and re-prompt to choose a client certificate?

I'm seeing some strange behavior in IE SP2, so this isn't the infamous
SP1 IFRAME issue.

Regards,
-Jon

 

[jonathan.r.anderson]

Bump.

 

[Guest]

The client certificate appears to be cached on the session ID. Clearing the
SSL state should cause the browser to re-present the certificate. Destoying
the client session and then sending them to a page requiring a client
certificate has the same effect.