On 13.06.2014 16:55, Rainer Jung wrote:
> For a long time now, most clients no longer rely on the server
> caching the sessions. Instead they use TLS session resumption (RFC
> 5077).

"without server-side state"/"stateless" is actually the important term from this RFC (session resumption is a standard protocol feature).

> Currently mod_ssl does not provide a way to control how long
> such a ticket may be used by the client. As far as I can see, there is
> no specific API in OpenSSL for that, but there is a general API allowing
> to set a session timeout that is checked whenever a session is
> reconstructed.

What OpenSSL function do you have in mind? SSL_SESSION_set_timeout? AFAICT, t1_lib.c:tls_decrypt_ticket simply restores the (relative) timeout for the SSL_SESSION, which is set to 5 minutes by default... but if I'm understanding correctly, you are concerned about clients reusing "old" tickets, is that correct? (If so, then I guess there's currently no other way than switching to a new ticket encryption key, see also [1]).

Kaspar

[1] https://mail-archives.apache.org/mod_mbox/httpd-dev/201308.mbox/%3C20130821111727.GA7331%40redhat.com%3E
or https://mail-archives.apache.org/mod_mbox/httpd-dev/201309.mbox/%3C52248C40.7070206%40opensslfoundation.com%3E
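As an added illustration (not code from this thread, and not OpenSSL's or mod_ssl's implementation): a Python model of the two bounds that apply to a stateless RFC 5077 ticket, the relative session timeout restored from the ticket itself and the retirement of the ticket encryption key. The key-ring layout, the rotation interval and the use of HMAC-only protection (real tickets are also encrypted) are assumptions of the model.

```python
import hashlib
import hmac
import json
import os

KEY_LIFETIME = 3600   # assumption: issue a fresh ticket key every hour
KEYS_RETAINED = 2     # current key plus one predecessor remain accepted


class TicketKeyRing:
    """Model of a ticket-key ring: each ticket carries a 16-byte key_name so
    the server can find the key; once a key is retired its tickets are dead."""

    def __init__(self, now):
        self.keys = {}    # key_name -> (secret, created_at)
        self.rotate(now)

    def rotate(self, now):
        name = os.urandom(16)
        self.keys[name] = (os.urandom(32), now)
        # drop everything but the newest KEYS_RETAINED keys
        by_age = sorted(self.keys, key=lambda n: self.keys[n][1])
        for old in by_age[:-KEYS_RETAINED]:
            del self.keys[old]
        self.current = name

    def maybe_rotate(self, now):
        if now - self.keys[self.current][1] >= KEY_LIFETIME:
            self.rotate(now)


def issue_ticket(ring, session, now):
    """Serialise session state (creation time included) under the current key.
    Real tickets are AES-encrypted as well; this model only authenticates."""
    ring.maybe_rotate(now)
    payload = json.dumps({**session, "time": now}).encode()
    secret = ring.keys[ring.current][0]
    tag = hmac.new(secret, payload, hashlib.sha256).digest()
    return ring.current + tag + payload


def resume(ring, ticket, now):
    """Return the restored session, or None when a full handshake is needed."""
    ring.maybe_rotate(now)
    name, tag, payload = ticket[:16], ticket[16:48], ticket[48:]
    entry = ring.keys.get(name)
    if entry is None:
        return None   # key retired: ticket cannot be decrypted any more
    if not hmac.compare_digest(tag, hmac.new(entry[0], payload, hashlib.sha256).digest()):
        return None   # tampered ticket
    session = json.loads(payload)
    # the timeout carried in the ticket is relative to the ticket's creation time
    if now - session["time"] > session["timeout"]:
        return None
    return session
```

With a 300 s session timeout the ticket dies after five minutes regardless of the key; with a very long timeout, only key rotation ends its life.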