On Thu, Sep 16, 2021 at 09:49:31AM -0700, Benjamin Kaduk via openssl-users
wrote:
> I'd be interested in hearing your thoughts about what an API/config would look
> like to enable the delayed-send behavior.
A simple boolean SSL_CONF_CMD called something like:
-ticket_delay, or
On Thu, Sep 16, 2021 at 06:50:40PM +0200, Hubert Kario wrote:
> On Thursday, 16 September 2021 17:59:48 CEST, Viktor Dukhovni wrote:
> > The Internet does not solely consist of browser traffic from portable
> > devices at wifi hotspots to taboo web sites.
>
> taboo web sites are not the only
On Thursday, 16 September 2021 17:59:48 CEST, Viktor Dukhovni wrote:
The Internet does not solely consist of browser traffic from portable
devices at wifi hotspots to taboo web sites.
taboo web sites are not the only reason to expect privacy...
--
Regards,
Hubert Kario
Senior Quality Engineer,
On Thu, Sep 16, 2021 at 12:40:55PM -0400, Viktor Dukhovni wrote:
> On Thu, Sep 16, 2021 at 09:30:18AM -0700, Benjamin Kaduk via openssl-users
> wrote:
> > On Thu, Sep 16, 2021 at 12:20:05PM -0400, Viktor Dukhovni wrote:
> > >
> > > I don't recall whether OpenSSL makes any effort to or supports
On Thu, Sep 16, 2021 at 09:30:18AM -0700, Benjamin Kaduk via openssl-users
wrote:
> On Thu, Sep 16, 2021 at 12:20:05PM -0400, Viktor Dukhovni wrote:
> >
> > I don't recall whether OpenSSL makes any effort to or supports deferring
> > the transmission of session tickets until just before the
On Thu, Sep 16, 2021 at 12:20:05PM -0400, Viktor Dukhovni wrote:
>
> I don't recall whether OpenSSL makes any effort to or supports deferring
> the transmission of session tickets until just before the first
> application data transmission from server to client (or else perhaps
> just before
On Thu, Sep 16, 2021 at 10:05:44AM +0100, Matt Caswell wrote:
> No. Unless you configure the server otherwise OpenSSL will always send
> session ticket(s) in TLSv1.3.
It may be worth mentioning a discussion from some time back on the TLSWG
list started by David Benjamin that notes that in TLS
On Thu, Sep 16, 2021 at 04:11:49PM +0200, Hubert Kario wrote:
> On Thursday, 16 September 2021 04:41:44 CEST, Jaya Muthiah wrote:
> >
> > I am trying to get the remaining lifetime of the ticket so that
> > server can decide to renew ticket or not
>
> TLS 1.3 tickets are single use. If the
On Thu, Sep 16, 2021 at 04:57:03PM +0200, Hubert Kario wrote:
> On Thursday, 16 September 2021 16:28:47 CEST, Benjamin Kaduk wrote:
> > On Thu, Sep 16, 2021 at 04:11:49PM +0200, Hubert Kario wrote:
> > > On Thursday, 16 September 2021 04:41:44 CEST, Jaya Muthiah wrote:
> > > >
> > > > I am trying
On Thursday, 16 September 2021 16:28:47 CEST, Benjamin Kaduk wrote:
On Thu, Sep 16, 2021 at 04:11:49PM +0200, Hubert Kario wrote:
On Thursday, 16 September 2021 04:41:44 CEST, Jaya Muthiah wrote:
I am trying to get the remaining lifetime of the ticket so that server
can decide to renew ticket
On Thu, Sep 16, 2021 at 04:11:49PM +0200, Hubert Kario wrote:
> On Thursday, 16 September 2021 04:41:44 CEST, Jaya Muthiah wrote:
> >
> > I am trying to get the remaining lifetime of the ticket so that server
> > can decide to renew ticket or not
>
> TLS 1.3 tickets are single use. If the ticket
On Thursday, 16 September 2021 04:41:44 CEST, Jaya Muthiah wrote:
I am trying to get the remaining lifetime of the ticket so that
server can decide to renew ticket or not
TLS 1.3 tickets are single use. If the ticket was used by a client, and
you expect it to make a connection in the future,
On 16/09/2021 09:58, Jaya Muthiah wrote:
TLSv1.3 does not require the server to send any tickets if it decides not to.
What makes it decide NO TO. Here I am particularly interested in
OpenSSL implementation only.
In OpenSSL it is possible to configure the server to set the number of
> TLSv1.3 does not require the server to send any tickets if it decides not to.
What makes it decide NO TO. Here I am particularly interested in
OpenSSL implementation only.
> In OpenSSL it is possible to configure the server to set the number of
> tickets that are sent - including down to 0.
I
On 16/09/2021 07:19, Jaya Muthiah wrote:
As I can read from the documents mentioned below, "or not at all"
worries me. Is there a situation when a session ticket is not sent at
all (other than when reused)?
TLSv1.3 does not require the server to send any tickets if it decides
not to. By
As I can read from the documents mentioned below, "or not at all"
worries me. Is there a situation when a session ticket is not sent at
all (other than when reused)?
https://www.openssl.org/docs/manmaster/man3/SSL_CTX_sess_set_new_cb.html
Note that in TLSv1.3, sessions are established after the
16 matches
Mail list logo