[
https://issues.apache.org/jira/browse/TS-3371?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15339821#comment-15339821
]
Leif Hedstrom commented on TS-3371:
-----------------------------------
I think we have to take a step back here, and decide how we want these session
ticket configs to be handles. It's quite a mess now, with the current
implementation using the IP instead of the 16-byte identifier string. One
option is to just have a global (records.config) ticket secret, and then having
this as a global records.config setting also seems like it'd be required.
> Should create a global session ticket disable
> ---------------------------------------------
>
> Key: TS-3371
> URL: https://issues.apache.org/jira/browse/TS-3371
> Project: Traffic Server
> Issue Type: Bug
> Components: SSL
> Reporter: Susan Hinrichs
> Assignee: Syeda Persia Aziz
> Fix For: sometime
>
>
> The current implementation requires the user to set the ssl_ticket_enabled=0
> for every entry in ssl_multiserver.config to turn off the ssl ticket session
> support.
> It would be better to have a global switch. It seems highly unlikely that
> someone will want to deploy ssl tickets for some destinations but not others.
> Would also be good to have a switch to disable ATS from offering session
> tickets when communicating with origin servers.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
