proper setup for forward secrecy
mdounin at mdounin.ru
Fri Aug 10 09:07:06 UTC 2012
On Thu, Aug 09, 2012 at 02:37:36PM -0400, eiji-gravion wrote:
> I was reading an article written by Adam Langley and he says:
> "You also need to be aware of Session Tickets in order to implement
> forward secrecy correctly. There are two ways to resume a TLS
> connection: either the server chooses a random number and both sides
> store the session information, of the server can encrypt the session
> information with a secret, local key and send that to the client. The
> former is called Session IDs and the latter is called Session Tickets.
> But Session Tickets are transmitted over the wire and so the server's
> Session Ticket encryption key is capable of decrypting past connections.
> Most servers will generate a random Session Ticket key at startup unless
> otherwise configured, but you should check."
> So my question is, how does nginx handle this?
As per OpenSSL default - as long as session tickets are supported
by OpenSSL version you use, random key for session tickets will be
generated automatically on nginx startup.
More information about the nginx