Wouter Wijngaards via Unbound-users: > There is also TLS session resumption support, that can be enabled with > the tls-session-ticket-keys option.
According to a scan of a unbound DoT endpoint running 1.9.1 unbound enables TLS session resumption based on - Session ID and - Session Tickets by default, without specifying tls-session-ticket-keys. from the man page: > tls-session-ticket-keys: <file> > If not "", [...] unbound will not start when setting: tls-session-ticket-keys: "" error: could not read tls-session-ticket-key : No such file or directory Questions: - What key is used to encrypt session tickets if tls-session-ticket-keys is not set? - How can I disable TLS session resumption based on session tickets? - What is the default timeout for session resumption based on session IDs? - How can I configure that timeout? - How can I disable TLS session resumption based on session IDs? thanks, nusenu -- https://twitter.com/nusenu_ https://mastodon.social/@nusenu
signature.asc
Description: OpenPGP digital signature
