proper setup for forward secrecy

Maxim Dounin mdounin at
Fri Aug 10 09:07:06 UTC 2012


On Thu, Aug 09, 2012 at 02:37:36PM -0400, eiji-gravion wrote:

> Hello,
> I was reading an article written by Adam Langley and he says:
> "You also need to be aware of Session Tickets in order to implement
> forward secrecy correctly. There are two ways to resume a TLS
> connection: either the server chooses a random number and both sides
> store the session information, of the server can encrypt the session
> information with a secret, local key and send that to the client. The
> former is called Session IDs and the latter is called Session Tickets.
> But Session Tickets are transmitted over the wire and so the server's
> Session Ticket encryption key is capable of decrypting past connections.
> Most servers will generate a random Session Ticket key at startup unless
> otherwise configured, but you should check."
> So my question is, how does nginx handle this?

As per OpenSSL default - as long as session tickets are supported 
by OpenSSL version you use, random key for session tickets will be 
generated automatically on nginx startup.

Maxim Dounin

More information about the nginx mailing list