SSL_SESSION_set1_ticket ?
Hubert Kario
hkario at redhat.com
Wed Apr 10 10:15:31 UTC 2019
On Wednesday, 10 April 2019 12:05:21 CEST Jeremy Harris wrote:
> On 10/04/2019 01:25, Viktor Dukhovni wrote:
> > With TLS 1.0, 1.1 and 1.2, the the (always new IIRC) session object
> > associated with the connection object at the completion of each
> > handshake, will contain any fresh tickets issued by the server.
>
> That does not match my observation.
that assumes that the server sends tickets in the first place... but the point
stands, the TLS 1.2 server cannot provide a session ticket to the client after
the handshake finished (client received server's Finished message), same for
even older protocols
--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190410/78e3e5d7/attachment.sig>
More information about the openssl-users
mailing list