The default TLS session ticket key used by OpenSSL uses AES128-CBC-SHA256; considering the security offered by newer ciphersuites, the TLS session ticket key algorithm should be updated/improved, at least to AES256-CBC-SHA256. See:
https://github.com/openssl/openssl/issues/514 Cheers, TJ _______________________________________________ openssl-bugs-mod mailing list openssl-bugs-...@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev