ssl_session_timeout and forward secrecy concerns

Richard Fussenegger richard at fussenegger.info
Thu Jun 9 16:57:12 UTC 2016


Note that a solution for session ticket key rotation is actually trivial:

https://github.com/Fleshgrinder/nginx-session-ticket-key-rotation

http://richard.fussenegger.info/ma/masters-thesis-web-signed.pdf#107

The second link contains some more info on the actual implementation and the relevant nginx parts.

Richard


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3880 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20160609/0bbac59f/attachment.bin>


More information about the nginx-devel mailing list