ssl_session_timeout and forward secrecy concerns

Richard Fussenegger richard at
Thu Jun 9 16:57:12 UTC 2016

Note that a solution for session ticket key rotation is actually trivial:

The second link contains some more info on the actual implementation and the relevant nginx parts.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3880 bytes
Desc: S/MIME Cryptographic Signature
URL: <>

More information about the nginx-devel mailing list