Hi
On 12/23/25 00:07, Jakub Zelenka wrote:
I would like to introduce a TLS Session Resumption Support for Streams RFC
that is part of my stream evolution work (PHP Foundation project funded by
Sovereign Tech Fund) :
https://wiki.php.net/rfc/tls_session_resumption_api
Thank you for the RFC. The feature makes sense to me and fills a clear
gap. I'm sharing some of Derick's concerns and questions, particularly:
1. What will happen if an incorrect / outdated / malformed
`session_data` string is provided? Will it silently be ignored? Will it
emit an error? Will there be issues internally in OpenSSL?
2. We should avoid introducing new E_WARNINGs, particularly for clear
error situation (session_get_cb without session_new_cb).
Best regards
Tim Düsterhus
