'session_tickets off' option for TLS 1.3

Alexander Smirnov alexander at smirn0v.ru
Mon Apr 13 20:40:18 UTC 2020


I'm working on a project that is completely unrelated to nginx.
Just found a bug as I thought. Regardless of how common some configuration
mode is – it should work correctly.
I don't think that fix for this will somehow significantly change my
experience with nginx, but I have time to fix it and it doesn't look too
complex.
Would be glad to help on this.

On Mon, Apr 13, 2020 at 10:35 PM Maxim Dounin <mdounin at mdounin.ru> wrote:

> Hello!
>
> On Mon, Apr 13, 2020 at 09:29:05PM +0300, Alexander Smirnov wrote:
>
> > Hello,
> >
> > Thank you for your response.
> >
> > So there are two options:
> >
> > * Fix from the nginx side. But with respect not only to 'session_tickets
> > off' but 'session_cache off'.
> > * Fix from OpenSSL side.
> >
> > Do I understand right that you won't accept a fix from nginx side and I
> > should file an issue to OpenSSL ?
>
> First of all, you may want to elaborate on what are you trying to
> fix, and why.  Disabling session reuse completely is a strange
> thing to do in the first place, and trying to make this very
> uncommon mode slightly more efficient might not worth the effort,
> regardless of where you are going to do this.
>
> --
> Maxim Dounin
> http://mdounin.ru/
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20200413/82149474/attachment.htm>


More information about the nginx-devel mailing list