[openssl-dev] [openssl.org #4389] [PATCH] The NewSessionTicket message is not optional.
David Benjamin via RT
rt at openssl.org
Mon Mar 7 21:56:25 UTC 2016
Per RFC 4507, section 3.3:
This message [NewSessionTicket] MUST be sent if the
server included a SessionTicket extension in the ServerHello. This
message MUST NOT be sent if the server did not include a
SessionTicket extension in the ServerHello.
The presence of the NewSessionTicket message should be determined entirely
from the ServerHello without probing.
The SkipNewSessionTicket test in BoringSSL's test suite can be used to
repro this:
https://mta.openssl.org/pipermail/openssl-dev/2016-March/005779.html
David
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4389
Please log in as guest with password guest if prompted
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0003-The-NewSessionTicket-message-is-not-optional.patch
Type: application/octet-stream
Size: 1473 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160307/897575cc/attachment.obj>
More information about the openssl-dev
mailing list