Will TLSv1.3 always send session ticket?

Benjamin Kaduk bkaduk at akamai.com
Thu Sep 16 16:30:18 UTC 2021


On Thu, Sep 16, 2021 at 12:20:05PM -0400, Viktor Dukhovni wrote:
> 
> I don't recall whether OpenSSL makes any effort to or supports deferring
> the transmission of session tickets until just before the first
> application data transmission from server to client (or else perhaps
> just before responding to a received close-notify with a reciprocal
> close-notify)

It's not the default behavior, but is supported: you can configure the
SSL/SSL_CTX to send zero tickets by default and then manually call
SSL_new_session_ticket(), which defers the transmission until there is another
write or explicit SSL_do_handshake() call.

-Ben


More information about the openssl-users mailing list