Will TLSv1.3 always send session ticket?

Matt Caswell matt at openssl.org
Thu Sep 16 07:56:28 UTC 2021

On 16/09/2021 07:19, Jaya Muthiah wrote:
> As I can read from the documents mentioned below, "or not at all"
> worries me. Is there a situation when a session ticket is not sent at
> all (other than when reused)?

TLSv1.3 does not require the server to send any tickets if it decides 
not to. By default in OpenSSL a server will send 2 session tickets after 
a normal handshake, or 1 session ticket after a resumption handshake. 
There is nothing in the spec about that, so other libraries are very 
likely to have different policies and defaults.

In OpenSSL it is possible to configure the a server to set the number of 
tickets that are sent - including down to 0.

So, yes, there may be situations where the server does not send a 
session ticket.


More information about the openssl-users mailing list