[openssl-users] RFC5077 ticket construction help

Viktor Dukhovni openssl-users at dukhovni.org
Wed Mar 28 16:44:02 UTC 2018

> On Mar 28, 2018, at 12:26 PM, Henderson, Karl via openssl-users <openssl-users at openssl.org> wrote:
> Need some help with RFC5077 ticket construction. I’d like to implement a type of Needham-Schroeder protocol where:
> 	• A wants to talk to B
> 	• A and B have a relationship with C
> 	• C constructs an RFC5077 ticket and gives it to A so that A can contact B
> Are there any good examples of how to do this?
> The problem I think I’m having the most difficulty with is understanding what I need to put into the encrypted_state portion of the session ticket.

It would more sense for C to issue short-term client certificates.
Session tickets are for session resumption.  In particular they
can't authenticate the server to the client, so you still need
an initial handshake for that.

To do GSSAPI with TLS, do TLS on the outside (client authenticates
the server and establishes an secure channel), and then GSSAPI
with channel binding (server authenticates the client as being the
party at the other end of the channel).


More information about the openssl-users mailing list