Thanks Matt On Thu, Jun 8, 2017 at 3:45 PM, Matt Caswell <m...@openssl.org> wrote:
> > > On 08/06/17 23:12, Neetish Pathak wrote: > > Thanks. > > I had one query regarding the TLS 1.3 implementation on server side. I > > have a simple client server program with session resumption working with > > TLS 1.2. > > When I use TLS 1.3, I see that server hello message has a malformed > > packet. > > How do you know it is malformed? The format of the ServerHello message > has changed in TLSv1.3, so if you expect it to look like a TLSv1.2 > ServerHello then you will be surprised. > *I know the ServerHello is malformed from the WIRESHARK LOGS. It shows an exception for the ServerHello with malformed packet message.* > > > Though the SSL handshake is successful. I am not observing > > session resumption. > > I want to know what causes server hello to have a malformed packet. > > Also, is any extra configuration required for TLS 1.3 ? > > I am assuming TLS 1.3 can also use session Ids/ tickets for session > > resumption. > > You probably want to read this blog post: > > https://www.openssl.org/blog/blog/2017/05/04/tlsv1.3/ > > *This blogpost is highly useful. Thanks for directing me here. I am following the guidelines.* > Session ids are not used in TLSv1.3 and session tickets work very > differently. Session resumption should work just fine but there are some > things to be aware of (discussed in the blog post). > > Matt > > > > > > Thanks > > Best Regards, > > Neetish > > > > On Thu, Jun 8, 2017 at 1:47 AM, Matt Caswell <m...@openssl.org > > <mailto:m...@openssl.org>> wrote: > > > > > > > > On 08/06/17 01:26, Neetish Pathak wrote: > > > Hello All, > > > > > > I am new to the Openssl community. > > > I am using the latest version of Openssl (with TLS 1.3 enabled) for > > > performance benchmarking. I wanted to know if the session ticket > support > > > for session resumption enabled;ed by default for OpenSSL TLS v 1.2 > or it > > > needs to be explicitly enabled? > > > > It is on by default. > > > > Matt > > > > -- > > openssl-users mailing list > > To unsubscribe: > > https://mta.openssl.org/mailman/listinfo/openssl-users > > <https://mta.openssl.org/mailman/listinfo/openssl-users> > > > > > > > > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users >
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users