opinions about Session tickets
A. Schulze
sca at andreasschulze.de
Mon Apr 11 15:17:07 UTC 2016
Maxim Dounin:
> In nginx 1.5.9 the "ssl_session_tickets" directive was added,
> which makes it possible to disable session tickets when needed.
I found these two opinions. They suggest to disable session tickets.
- https://www.farsightsecurity.com/Blog/20151202-thall-hardening-dh-and-ecc/
-
https://timtaubert.de/blog/2014/11/the-sad-state-of-server-side-tls-session-resumption-implementations/
what do others think about that?
Andreas
More information about the nginx
mailing list