Per RFC 4507, section 3.3: This message [NewSessionTicket] MUST be sent if the server included a SessionTicket extension in the ServerHello. This message MUST NOT be sent if the server did not include a SessionTicket extension in the ServerHello.
The presence of the NewSessionTicket message should be determined entirely from the ServerHello without probing. The SkipNewSessionTicket test in BoringSSL's test suite can be used to repro this: https://mta.openssl.org/pipermail/openssl-dev/2016-March/005779.html David -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4389 Please log in as guest with password guest if prompted
0003-The-NewSessionTicket-message-is-not-optional.patch
Description: Binary data
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
