[jira] [Updated] (TS-3301) TLS ticket rotation
[ https://issues.apache.org/jira/browse/TS-3301?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Brian Geffon updated TS-3301: - Attachment: traffic_line_rotation_6.diff TLS ticket rotation --- Key: TS-3301 URL: https://issues.apache.org/jira/browse/TS-3301 Project: Traffic Server Issue Type: Bug Components: Core, SSL Reporter: Brian Geffon Assignee: Brian Geffon Fix For: 5.3.0 Attachments: traffic_line_rotation_6.diff We all know that it is bad security practice to use the same password/key all the time. This project tries to rotate TLS session ticket keys periodically. When an admin runs traffic_line -x after a new ticket key is put in the key file ssl_ticket.key, an event will be generated and ATS will reconfigure SSL. The keys are read in all at the same time and the first entry is the most recent key. A new key is assumed to be put at the beginning of ssl_ticket.key file and an old key is chopped off at the end from the file. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (TS-3301) TLS ticket rotation
[ https://issues.apache.org/jira/browse/TS-3301?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Brian Geffon updated TS-3301: - Description: We all know that it is bad security practice to use the same password/key all the time. This project tries to rotate TLS session ticket keys periodically. When an admin runs traffic_line -x after a new ticket key is put in the key file ssl_ticket.key, an event will be generated and ATS will reconfigure SSL. The keys are read in all at the same time and the first entry is the most recent key. A new key is assumed to be put at the beginning of ssl_ticket.key file and an old key is chopped off at the end from the file. Author: Bin Zeng bz...@linkedin.com was: We all know that it is bad security practice to use the same password/key all the time. This project tries to rotate TLS session ticket keys periodically. When an admin runs traffic_line -x after a new ticket key is put in the key file ssl_ticket.key, an event will be generated and ATS will reconfigure SSL. The keys are read in all at the same time and the first entry is the most recent key. A new key is assumed to be put at the beginning of ssl_ticket.key file and an old key is chopped off at the end from the file. TLS ticket rotation --- Key: TS-3301 URL: https://issues.apache.org/jira/browse/TS-3301 Project: Traffic Server Issue Type: New Feature Components: Core, SSL Reporter: Brian Geffon Assignee: Brian Geffon Fix For: 5.3.0 Attachments: traffic_line_rotation_6.diff We all know that it is bad security practice to use the same password/key all the time. This project tries to rotate TLS session ticket keys periodically. When an admin runs traffic_line -x after a new ticket key is put in the key file ssl_ticket.key, an event will be generated and ATS will reconfigure SSL. The keys are read in all at the same time and the first entry is the most recent key. A new key is assumed to be put at the beginning of ssl_ticket.key file and an old key is chopped off at the end from the file. Author: Bin Zeng bz...@linkedin.com -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (TS-3301) TLS ticket rotation
[ https://issues.apache.org/jira/browse/TS-3301?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Brian Geffon updated TS-3301: - Fix Version/s: 5.3.0 TLS ticket rotation --- Key: TS-3301 URL: https://issues.apache.org/jira/browse/TS-3301 Project: Traffic Server Issue Type: Bug Components: Core, SSL Reporter: Brian Geffon Assignee: Brian Geffon Fix For: 5.3.0 Attachments: traffic_line_rotation_6.diff We all know that it is bad security practice to use the same password/key all the time. This project tries to rotate TLS session ticket keys periodically. When an admin runs traffic_line -x after a new ticket key is put in the key file ssl_ticket.key, an event will be generated and ATS will reconfigure SSL. The keys are read in all at the same time and the first entry is the most recent key. A new key is assumed to be put at the beginning of ssl_ticket.key file and an old key is chopped off at the end from the file. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (TS-3301) TLS ticket rotation
[ https://issues.apache.org/jira/browse/TS-3301?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Brian Geffon updated TS-3301: - Issue Type: New Feature (was: Bug) TLS ticket rotation --- Key: TS-3301 URL: https://issues.apache.org/jira/browse/TS-3301 Project: Traffic Server Issue Type: New Feature Components: Core, SSL Reporter: Brian Geffon Assignee: Brian Geffon Fix For: 5.3.0 Attachments: traffic_line_rotation_6.diff We all know that it is bad security practice to use the same password/key all the time. This project tries to rotate TLS session ticket keys periodically. When an admin runs traffic_line -x after a new ticket key is put in the key file ssl_ticket.key, an event will be generated and ATS will reconfigure SSL. The keys are read in all at the same time and the first entry is the most recent key. A new key is assumed to be put at the beginning of ssl_ticket.key file and an old key is chopped off at the end from the file. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
