vdukhovi wrote: I don't think this change is useful at present. Most applications run with a single context for the lifetime of the process, so this makes no difference. We (perhaps I) first need to implement automated key rotation, and only then do I think it make sense to worry about attempting to scrub the ticket keys.
richsalz wrote: I undesrstand @vdukhovni<https://github.com/vdukhovni>'s concerns. Let's discuss this on openssl-dev before merging this. *discuss* -- -Todd Short // tsh...@akamai.com<mailto:tsh...@akamai.com> // "One if by land, two if by sea, three if by the Internet."
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev