вт, 10 мар. 2020 г. в 05:37, Lukas Tribus <[email protected]>: > Hello, > > > On Mon, 9 Mar 2020 at 20:39, Илья Шипицин <[email protected]> wrote: > >> I would disable session tickets by default in haproxy. Given that most > >> clients support TLS 1.3 already this change would not even slow down > many > >> clients. > > > > > > TLS tickets really require more love :) > > > > actually, there are two bad choices here > > > > 1) to specify TLS ticket key > > 2) not to specify > > > > if you specify, your security team will tell you that "it is not secure". > > if you do not specify, keys are generated on startup and it lead to huge > CPU spike on app reload (if you apply new config, app is reloaded and keys > are generated from scratch) > > You rotate ticket keys with "tls-ticket-keys" and reload or you can > even add new ticket keys online via the "set ssl tls-key" unix socket > command. But you have to take care of it if you want ticket key > rotation. >
it is clear for educated people. but documentation is written for non educated, right :) ? > > A performant, scalable and fully secure TLS setup is a non-trivial > configuration to make. Probably not possible without compromises in a > production environment with real world clients, but that is just how > it is. Regarding security aspects the actual attack surface has to be > considered. This attack requires the intruder to read the TLS ticket > key from memory, this kills the concept of Forward Secrecy, but it > does not kill anything else (that would not already be compromised > anyway when an attacker can read from memory). > > > Lukas >
