> Hi, > > there are 2 methods for SSL session caching: sessions IDs and session > tickets (described here: > http://en.wikipedia.org/wiki/Transport_Layer_Security#Resumed_TLS_handshake) > > uWSGI uses only tickets, but docs ( > http://uwsgi-docs.readthedocs.org/en/latest/SSLScaling.html) states it > requires replicated cache for synchronizing sessions accross different > uWSGI servers. > But tickets are suppose to provide session resumption without the need to > have server side session storage. > >
When no caching is enabled (and configured to be used as session storage), tickets are used. Otherwise tickets are disabled and sessions are used instead. Why supporting sessions if tickets already solve the issue ? Well, tickets support less features than sessions, so if you can you should use them. I am not an ssl expert (but it looks like being an expert in this topic is not a win currently ;) so this is only what i got. -- Roberto De Ioris http://unbit.it _______________________________________________ uWSGI mailing list [email protected] http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi
