[openssl-project] OpenSSL 1.1.1 library(OpenSSL 1.1.0 compile) Postfix to Postfix test

Matt Caswell matt at openssl.org
Mon Apr 23 07:35:48 UTC 2018



On 23/04/18 02:49, Viktor Dukhovni wrote:
> 
> I tested a Postfix server and client built against OpenSSL 1.1.0,
> using 1.1.1 run-time libraries.  This exercised peer certificate
> fingerprint matching and session resumption.  No major issues.
> 
> The only interesting observations are:
> 
>   * With TLS 1.3 a new session is generated even sessions are
>     resumed, because the server responds with a new ticket
>     in the event of session resumption.  With TLS 1.2 sessions
>     that had sufficient remaining lifetime did not trigger new
>     ticket generation on the server, and no new session was
>     stored on the client.  This causes needless wear-and-tear
>     on the external session cache in Postfix, since each
>     connection writes out a new session, replacing the one
>     it just used.  Some might consider this a security feature,
>     but it is not especially desirable with SMTP.  Any thoughts
>     about whether this could be tunable?  It would have to be
>     server-side tuning I think, since the client does not know
>     why the server issued a new session, perhaps the old one
>     was not (or will soon not) be valid for re-use.

Note that some servers may actually issue more than one ticket per
connection. Notably boring issues 2 by default. I'm not sure if they
enable configuration of that.

In servers that accept early data we enforce single use tickets. In
those scenarios it may make sense to have more than one ticket issued
per connection.

I do have a WIP PR for enabling configuration of the number of tickets
to be sent on the server side:

https://github.com/openssl/openssl/pull/5227

I have not been prioritising that at the moment because I have been
focussing more on fixing defects.

Matt


More information about the openssl-project mailing list