Will TLSv1.3 always send session ticket?

Viktor Dukhovni openssl-users at dukhovni.org
Thu Sep 16 17:11:47 UTC 2021


On Thu, Sep 16, 2021 at 09:49:31AM -0700, Benjamin Kaduk via openssl-users wrote:

> I'd be interested in hearing your thoughts about what an API/config would look
> like to enable the delayed-send behavior.

A simple boolean SSL_CONF_CMD called something like:

    -ticket_delay, or
    -ticket_data_prepend

would cause the ticket generation to be deferred until the first
application data write from server to client.

The API would be either a direct call to set the boolean, or
an indirect action via the SSL_CONF layer.

This would require a new bit to set the policy in the SSL_CTX that would
be inherited by any derived SSL handles.

The first data transmission would inspect the desired ticket count
computed during the handshake, and send that many tickets, resetting the
count to zero.

The current immediate transmission of tickets would merely squirrel away
the number of tickets to send with the first batch of data.

-- 
    Viktor.
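As an added illustration of the mechanism sketched above (not code from the post, and not OpenSSL code), the following C model implements the proposed policy bit: it lives in a context, is inherited by each connection handle, and decides whether the tickets computed at handshake completion go out in the post-handshake flight or are held back and flushed in front of the first application-data write, after which the pending count is reset to zero. All struct and function names here are invented for the model; the trace string marks each flight with `|`, each ticket with `T` and each application-data record with `A`.

```c
#include <stdio.h>
#include <string.h>

/* Self-contained model of the "ticket_delay" proposal. Illustrative only:
 * the names are invented and nothing here is OpenSSL's implementation. */

#define WIRE_MAX 64

struct model_ctx {
    int ticket_delay;    /* proposed policy bit: defer tickets until first write */
    int num_tickets;     /* tickets to issue after each full handshake */
};

struct model_ssl {
    int ticket_delay;    /* copied from the ctx when the handle is created */
    int desired_tickets; /* count decided during the handshake */
    int pending_tickets; /* tickets held back for the first data write */
    int handshake_done;
    char wire[WIRE_MAX]; /* trace: '|' = new flight, 'T' = ticket, 'A' = app data */
};

static void ctx_init(struct model_ctx *ctx, int num_tickets, int ticket_delay)
{
    ctx->num_tickets = num_tickets;
    ctx->ticket_delay = ticket_delay;
}

/* Counterpart of deriving a handle from a context: the policy bit is inherited. */
static void ssl_init(struct model_ssl *s, const struct model_ctx *ctx)
{
    memset(s, 0, sizeof *s);
    s->ticket_delay = ctx->ticket_delay;
    s->desired_tickets = ctx->num_tickets;
}

static void trace(struct model_ssl *s, char c)
{
    size_t n = strlen(s->wire);
    if (n + 1 < WIRE_MAX) { s->wire[n] = c; s->wire[n + 1] = '\0'; }
}

static void send_tickets(struct model_ssl *s, int n)
{
    while (n-- > 0) trace(s, 'T');
}

/* Server-side handshake completion. Without the policy bit the tickets are
 * sent in the post-handshake flight (today's behaviour); with it, only the
 * count is recorded and that flight carries nothing else. */
static void ssl_handshake_complete(struct model_ssl *s)
{
    s->handshake_done = 1;
    trace(s, '|');
    if (s->ticket_delay)
        s->pending_tickets = s->desired_tickets;
    else
        send_tickets(s, s->desired_tickets);
}

/* Application-data write. Deferred tickets go out in the same flight, ahead
 * of the data, and the pending count is reset so later writes are plain. */
static int ssl_write(struct model_ssl *s, size_t len)
{
    if (!s->handshake_done) return -1;  /* a real stack would report an error */
    trace(s, '|');
    if (s->pending_tickets > 0) {
        send_tickets(s, s->pending_tickets);
        s->pending_tickets = 0;
    }
    trace(s, 'A');
    return (int)len;
}

/* Drive one connection: handshake, then `writes` application writes. */
static const char *run_connection(struct model_ssl *s, int num_tickets,
                                  int ticket_delay, int writes)
{
    struct model_ctx ctx;
    ctx_init(&ctx, num_tickets, ticket_delay);
    ssl_init(s, &ctx);
    ssl_handshake_complete(s);
    for (int i = 0; i < writes; i++)
        ssl_write(s, 5);
    return s->wire;
}

/* Convenience check: does a scenario produce the expected trace? */
static int trace_equals(int num_tickets, int ticket_delay, int writes,
                        const char *expected)
{
    struct model_ssl s;
    return strcmp(run_connection(&s, num_tickets, ticket_delay, writes),
                  expected) == 0;
}

/* A write before the handshake finishes must be refused, policy or not. */
static int write_before_handshake(int ticket_delay)
{
    struct model_ctx ctx;
    struct model_ssl s;
    ctx_init(&ctx, 2, ticket_delay);
    ssl_init(&s, &ctx);
    return ssl_write(&s, 5);
}

int main(void)
{
    struct model_ssl s;
    printf("immediate: %s\n", run_connection(&s, 2, 0, 2));
    printf("delayed:   %s\n", run_connection(&s, 2, 1, 2));
    return 0;
}
```

The two traces differ only in which flight carries the tickets (`|TT|A|A` versus `||TTA|A`), which is the whole point of the proposal: the same number of tickets is issued, but a server that never writes application data never sends them. The desired count in this model stands in for what OpenSSL's existing SSL_CTX_set_num_tickets() already controls; the deferral policy is the part the post proposes adding.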
