'session_tickets off' option for TLS 1.3

Maxim Dounin mdounin at mdounin.ru
Mon Apr 13 19:35:09 UTC 2020


On Mon, Apr 13, 2020 at 09:29:05PM +0300, Alexander Smirnov wrote:

> Hello,
> Thank you for your response.
> So there are two options:
> * Fix from the nginx side. But with respect not only to 'session_tickets
> off' but 'session_cache off'.
> * Fix from OpenSSL side.
> Do I understand right that you won't accept a fix from nginx side and I
> should file an issue to OpenSSL ?

First of all, you may want to elaborate on what are you trying to 
fix, and why.  Disabling session reuse completely is a strange 
thing to do in the first place, and trying to make this very 
uncommon mode slightly more efficient might not worth the effort, 
regardless of where you are going to do this.

Maxim Dounin

More information about the nginx-devel mailing list