[
https://issues.apache.org/jira/browse/TS-1146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13839958#comment-13839958
]
Wei Sun commented on TS-1146:
-----------------------------
Per my understanding, some legacy systems already have dedicated session cache
cluster for session resumption, when they upgrade to the latest openssl,
session ticket is supported by default, 'sess_ticket_enabled' option provides a
flexibility for them to disable session ticket and continue using their session
cache service. If application doesn't explicitly specify this option, the
behavior is backward compatible.
I updated the patch in the attachment, changes include: 'sess_key_filename' ->
'ticket_key_name'; release the context associated data when ctx's reference is
0; add a little bit of parameter description in ssl_multicert.config.en.rst.
Please help review.
> RFC 5077 TLS Session tickets
> ----------------------------
>
> Key: TS-1146
> URL: https://issues.apache.org/jira/browse/TS-1146
> Project: Traffic Server
> Issue Type: Improvement
> Components: SSL
> Reporter: James Peach
> Assignee: James Peach
> Labels: A
> Fix For: 5.0.0
>
> Attachments: SSL_CTX_set_tlsext_ticket_key_cb.txt,
> session_ticket.patch
>
>
> For supporting RFC 5077 TLS Session tickets across a ATS cluster, all the
> machines need to have the same server ticket.
> See https://github.com/apache/httpd rev
> 967d943b93498233f0ec81a5b48706fdb6892dfd
--
This message was sent by Atlassian JIRA
(v6.1#6144)
