Miss-you commented on issue #2638: URL: https://github.com/apache/apisix/issues/2638#issuecomment-722790160
> > Because proper rotation of session ticket encryption key is not implemented in nignx or Apache. > > [mozilla/server-side-tls#135](https://github.com/mozilla/server-side-tls/issues/135) > > Look like it would be better if we implement session ticket rotation? We need a modified version of [lua-ssl-nginx-module](https://github.com/openresty/lua-ssl-nginx-module) to get new ticket from etcd. Implementing session ticket rotation is a good idea, but not a high priority. I think we should first disable the 'ssl_session_tickets'. On the other hand, it might be better to use redis instead of etcd. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
