SSL_SESSION_set1_ticket ?

Hubert Kario hkario at
Wed Apr 10 10:15:31 UTC 2019

On Wednesday, 10 April 2019 12:05:21 CEST Jeremy Harris wrote:
> On 10/04/2019 01:25, Viktor Dukhovni wrote:
> > With TLS 1.0, 1.1 and 1.2, the the (always new IIRC) session object
> > associated with the connection object at the completion of each
> > handshake, will contain any fresh tickets issued by the server.
> That does not match my observation.

that assumes that the server sends tickets in the first place... but the point 
stands, the TLS 1.2 server cannot provide a session ticket to the client after 
the handshake finished (client received server's Finished message), same for 
even older protocols

Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Red Hat Czech s.r.o., Purkyňova 115, 612 00  Brno, Czech Republic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <>

More information about the openssl-users mailing list