On Thu, Sep 16, 2021 at 09:49:31AM -0700, Benjamin Kaduk via openssl-users
wrote:
> I'd be interested in hearing your thoughts about what an API/config would look
> like to enable the delayed-send behavior.
A simple boolean SSL_CONF_CMD called something like:
-ticket_delay, or
-ticket_d
On Thu, Sep 16, 2021 at 12:40:55PM -0400, Viktor Dukhovni wrote:
> On Thu, Sep 16, 2021 at 09:30:18AM -0700, Benjamin Kaduk via openssl-users
> wrote:
> > On Thu, Sep 16, 2021 at 12:20:05PM -0400, Viktor Dukhovni wrote:
> > >
> > > I don't recall whether OpenSSL makes any effort to or supports de
On Thu, Sep 16, 2021 at 09:30:18AM -0700, Benjamin Kaduk via openssl-users
wrote:
> On Thu, Sep 16, 2021 at 12:20:05PM -0400, Viktor Dukhovni wrote:
> >
> > I don't recall whether OpenSSL makes any effort to or supports deferring
> > the transmission of session tickets until just before the first
On Thu, Sep 16, 2021 at 12:20:05PM -0400, Viktor Dukhovni wrote:
>
> I don't recall whether OpenSSL makes any effort to or supports deferring
> the transmission of session tickets until just before the first
> application data transmission from server to client (or else perhaps
> just before respo
On Thu, Sep 16, 2021 at 10:05:44AM +0100, Matt Caswell wrote:
> No. Unless you configure the server otherwise OpenSSL will always send
> session ticket(s) in TLSv1.3.
It may be worth mentioning a discussion from some time back on the TLSWG
list started by David Benjamin that notes that in TLS 1.
On 16/09/2021 09:58, Jaya Muthiah wrote:
TLSv1.3 does not require the server to send any tickets if it decides not to.
What makes it decide NO TO. Here I am particularly interested in
OpenSSL implementation only.
In OpenSSL it is possible to configure the server to set the number of tickets
> TLSv1.3 does not require the server to send any tickets if it decides not to.
What makes it decide NO TO. Here I am particularly interested in
OpenSSL implementation only.
> In OpenSSL it is possible to configure the server to set the number of
> tickets that are sent - including down to 0.
I
On 16/09/2021 07:19, Jaya Muthiah wrote:
As I can read from the documents mentioned below, "or not at all"
worries me. Is there a situation when a session ticket is not sent at
all (other than when reused)?
TLSv1.3 does not require the server to send any tickets if it decides
not to. By def