I have a question related to the ssl.log. As I am no expert of the SSL protocol, it is
higly probable that I am missing something here.
I noticed in the ssl.log several cases where the field "established" is T, but
there is no certificate found (no fuids) and the field validation_status in empty (-). In
the code I saw that the field "established" is set to T if the event
ssl_established is generated. Is it possible to establish an ssl session without
certificates? Is it because some sessions can be resumed with tickets as described in RFC
I'd appreciate some help to save me some time...