> On Mar 30, 2017, at 9:51 PM, Phil Pennock <p...@exim.org> wrote:
>
>> What this means is that session resumption can't possibly work in
>> Exim (which is OK, Exim is not obligated to optimize the handshake
>> overhead of high-volume TLS traffic). Consequently, it would be
>> best if Exim did not generate SSL session ids or vend TLS session
>> tickets.
>
> Sounds right; we should consider adding this to the default value of
> openssl_options, which theoretically exposes _every_ `SSL_OP_` to
> administrator control.
Yes, for NO_TICKET, but for completeness you also need to change
the cache mode (to completely disable the cache), which cannot be
done via the option flags.
--
Viktor.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
