I am looking at different solutions available for session fixation at this web site http://hungred.com/useful-information/solutions-session-attacks/. One of the solution is "Utilize SSL / TLS Session identifier". I have few questions related this. What actually is this mean? How we can implement this solution in asp.net? Is there any need of coding to implement it or it will be done through by some configuration? Regarding this solution its also written that "many web development languages do not provide robust built-in functionality for this solution". So my another question is this that is this functionality built-in for ASP.NET?