[openssl-dev] [openssl.org #4108] Set TLS ticket keys API

Chris Conroy via RT rt at openssl.org
Tue Oct 27 03:13:27 UTC 2015


Pull request on github: https://github.com/openssl/openssl/pull/452

The existing API for managing RFC 5077 TLS ticket keys is cumbersome:
callers must either specify a key once at startup or they must implement a
complicated callback API.

This new API allows a caller to set a list of TLS ticket keys. The first
key in the list is preferred, and any other keys in the list will be
accepted with an upgrade to a ticket with the preferred key. This scheme
allows groups of servers to implement seamless key rotation strategies.

The original patch comes from Twitter's https://github.com/twitter/sslconfig
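An added sketch of the key-list scheme described in this message, not code from the pull request or from OpenSSL: it models only how a server selects a key by its RFC 5077 key_name, and `struct keyring`, the `keyring_*` functions and the key names are hypothetical. It goes one step past the message by showing why a new key has to be accept-only on every server before any server prefers it.

```c
#include <stdio.h>
#include <string.h>
#define NAME_LEN 16   /* RFC 5077 key_name length */
#define MAX_KEYS 4
enum { TICKET_REJECT = 0, TICKET_OK = 1, TICKET_OK_RENEW = 2 };
struct keyring {      /* hypothetical type, not an OpenSSL structure */
    unsigned char name[MAX_KEYS][NAME_LEN];
    int count;        /* name[0] is the preferred (issuing) key */
};
static const unsigned char K1[] = "key-2015-10-0001";  /* constructed names */
static const unsigned char K2[] = "key-2015-11-0002";

/* Append a key as accept-only. Returns 0 when the list is full. */
int keyring_stage(struct keyring *kr, const unsigned char *n)
{
    if (kr->count == MAX_KEYS) return 0;
    memcpy(kr->name[kr->count++], n, NAME_LEN);
    return 1;
}

/* Move the key at idx to the front; the keys before it shift down one. */
int keyring_promote(struct keyring *kr, int idx)
{
    unsigned char tmp[NAME_LEN];
    if (idx < 0 || idx >= kr->count) return 0;
    memcpy(tmp, kr->name[idx], NAME_LEN);
    memmove(kr->name[1], kr->name[0], (size_t)idx * NAME_LEN);
    memcpy(kr->name[0], tmp, NAME_LEN);
    return 1;
}

/* Key selection only (ticket decryption and MAC check omitted); key_name is public. */
int keyring_classify(const struct keyring *kr, const unsigned char *n)
{
    for (int i = 0; i < kr->count; i++)
        if (memcmp(kr->name[i], n, NAME_LEN) == 0)
            return i == 0 ? TICKET_OK : TICKET_OK_RENEW;
    return TICKET_REJECT;
}

int main(void)
{
    static struct keyring a, b;                     /* two servers */
    keyring_stage(&a, K1); keyring_stage(&b, K1);
    keyring_stage(&a, K2); keyring_promote(&a, 1);  /* A prefers K2 too early */
    printf("B sees A's ticket: %d\n", keyring_classify(&b, a.name[0]));
    keyring_stage(&b, K2);                          /* B now accepts K2 */
    printf("after staging K2: %d\n", keyring_classify(&b, a.name[0]));
}
```

A rejected ticket costs the client a full handshake, so the rollout order is: stage the new key everywhere, then promote it, then drop the oldest key.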
