One question about lifetime from a SecureChannel after session transfered due to cable disconnect to a new SecureChannel.
- Client is connected with server
- Connection will be interrupted (cable disconnect)
- After 5-10 seconds cable connected again
- Some time later the Client tries to reconnect to the server with a new socket (no TCP-RST was send from client before!)
- Client calls ActivateSession
- Connection established again.
What will happen to the old SecureChannel. In Spec. part 4 "Once the Server accepts the new SecureChannel it shall reject requests sent via the old SecureChannel."
Does this mean, if no further session is attached to the SecureChannel the server can remove this channel or shall the client call CloseSecurechannel after session transfered successfully?
You should not make design decisions in the server based on TCP implementation of securechannel. Other securechannel implementations may behave differently. The old securechannel will timeout on its own but it could be flagged for immediate closure if the server runs out of securechannels (this is a general DoS protection that stacks should have).