Getting SSL_SESSION remaining lifetime

Hubert Kario hkario at
Thu Sep 16 14:57:03 UTC 2021

On Thursday, 16 September 2021 16:28:47 CEST, Benjamin Kaduk wrote:
> On Thu, Sep 16, 2021 at 04:11:49PM +0200, Hubert Kario wrote:
>> On Thursday, 16 September 2021 04:41:44 CEST, Jaya Muthiah wrote:
>>> I am trying to get the remaining lifetime of the ticket so that server
>>> can decide to renew ticket or not
>> TLS 1.3 tickets are single use. If the ticket was used by a client, and
>> you expect it to make a connection in the future, server needs to send a
>> new one.
> Single-use tickets are only a protocol requirement when 0-RTT data is used.
> The OpenSSL implementation even allows the libssl-internal enforcement of
> single-use to be disabled (see SSL_OP_NO_ANTI_REPLAY at
> OpenSSL as a client also has some measures to encourage single-use tickets,
> which I have a PR open to provide a knob to disable:
> .

They're single use not only because of replay but also because of privacy
reasons, as reuse of a ticket indicates that the same client did send it.

Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic