[PATCH] Documented automatic rotation of TLS session ticket keys
Sergey Kandaurov
pluknet at nginx.com
Tue Oct 4 14:22:39 UTC 2022
> On 4 Oct 2022, at 00:17, Yaroslav Zhuravlev <yar at nginx.com> wrote:
>
> xml/en/docs/http/ngx_http_ssl_module.xml | 5 ++++-
> xml/ru/docs/http/ngx_http_ssl_module.xml | 5 ++++-
> 2 files changed, 8 insertions(+), 2 deletions(-)
>
>
> # HG changeset patch
> # User Yaroslav Zhuravlev <yar at nginx.com>
> # Date 1664828002 -3600
> # Mon Oct 03 21:13:22 2022 +0100
> # Node ID 547c4be44f0db08923b7dd33bca262d009219a3a
> # Parent 9708787aafc70744296baceb2aa0092401a4ef34
> Documented automatic rotation of TLS session ticket keys.
>
> diff --git a/xml/en/docs/http/ngx_http_ssl_module.xml b/xml/en/docs/http/ngx_http_ssl_module.xml
> --- a/xml/en/docs/http/ngx_http_ssl_module.xml
> +++ b/xml/en/docs/http/ngx_http_ssl_module.xml
> @@ -10,7 +10,7 @@
> <module name="Module ngx_http_ssl_module"
> link="/en/docs/http/ngx_http_ssl_module.html"
> lang="en"
> - rev="58">
> + rev="59">
>
> <section id="summary">
>
> @@ -690,6 +690,9 @@
> about 4000 sessions.
> Each shared cache should have an arbitrary name.
> A cache with the same name can be used in several virtual servers.
> +In shared cache,
This part looks redundant, as it's already dedicated to shared cache.
> +TLS session ticket keys
> +are automatically generated, stored, and periodically rotated.
- missed <appeared-in>
- need to clarify relationship with ssl_session_ticket_key, e.g.:
Additionally, TLS session ticket keys
are automatically generated, stored, and periodically rotated
unless explicitly configured using the
<link id="ssl_session_ticket_key"/> directive (1.23.2).
[..]
--
Sergey Kandaurov
More information about the nginx-devel
mailing list