[openssl-dev] [PATCH][OpenSSL-1.0.2] making it possible to do async session lookup during session resumption
Alessandro Ghedini
alessandro at ghedini.me
Wed Jan 6 21:03:41 UTC 2016
On Wed, Jan 06, 2016 at 06:21:13AM +0000, Viktor Dukhovni wrote:
> On Tue, Jan 05, 2016 at 02:44:32PM -0800, Zi Lin wrote:
>
> > Hi OpenSSL devs,
> >
> > I want to propose a patch that makes OpenSSL compatible with
> > asynchronous session lookup during session resumption.
>
> I think this is a bad idea. If you want distributed session caches
> use session tickets,
That's not really a solution if the client doesn't support session tickets at
all. So in those cases you are left with doing no resumption or doing it
synchronously with session id in an inefficient way.
I think that with the new state machine in master this could be implemented
fairly elegantly and since there's an interest from OpenSSL users (even
BoringSSL provides this!) it seems like something worth implementing to me.
Cheers
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160106/cce1de18/attachment.sig>
More information about the openssl-dev
mailing list